EmbedFileInVBScript
Écrit par Gilles LAURENT   
02-04-2008

EmbedFileInVBScript est un script encodeur permettant d'embarquer un fichier de type binaire ou exécutable au sein d'un script VBScript. Pourquoi ai-je été amené à developper cet outil ces derniers jours ? Et bien voilà ! J'ai dû intervenir pour un client sur un serveur DNS Windows 2000 dans le but d'analyser les différents paramètres de configuration du service DNS. Je souhaitai utiliser l'outil Microsoft dnscmd.exe pour extraire la configuration complète du service. Malheureusement, les outils du support n'étaient pas installés sur le serveur. Je ne pouvais accéder au serveur que par session TSE et tous les ports étaient fermés mis à part les ports 53 (DNS) et 3389 (TSE). Sans support RPC, l'analyse à distance n'était donc pas possible ! La seule solution consistait donc à copier l'outil dnscmd.exe localement sur le serveur via le presse-papier, seule passerelle entre mon poste de travail et le serveur distant ! J'avais donc besoin d'un outil capable d'une part d'encoder un fichier binaire au format texte pour assurer la compatibilité avec le presse-papier et d'autre part de reconstituer le fichier précédemment encodé.

Historique :
Version 1.0 - première release publique

Plateformes supportées :
Windows 2000+

Pré requis :
Microsoft ActiveX Data Objects 2.5

Listing 1 : EmbedFileInVBScript.vbs

  1. Const adTypeBinary=1

  2. Set oFs=CreateObject("Scripting.FileSystemObject")
  3. Set oArgs=WScript.Arguments
  4. Set oStream=CreateObject("ADODB.Stream")

  5. oStream.Type=adTypeBinary: oStream.Open
  6. oStream.LoadFromFile oArgs(0)
  7. BinStream=oStream.Read
  8. oStream.Close

  9. WScript.Echo "Const adTypeBinary=1"
  10. WScript.Echo "Const adSaveCreateOverWrite=2"
  11. WScript.Echo "Const adVarBinary=204"
  12. WScript.Echo "Const adFileName=""" & oFs.GetFileName(oArgs(0)) & """"
  13. WScript.Echo
  14. WScript.Echo "Set oFs=CreateObject(""Scripting.FileSystemObject"")"
  15. WScript.Echo "Set oFile=oFs.OpenTextFile(WScript.ScriptFullName)"
  16. WScript.Echo "Set oRs=CreateObject(""ADODB.RecordSet"")"
  17. WScript.Echo "Set oStream=CreateObject(""ADODB.Stream"")"
  18. WScript.Echo
  19. WScript.Echo "oStream.Type=adTypeBinary: oStream.Open"
  20. WScript.Echo "oRs.Fields.Append ""Data"",adVarBinary,32: oRs.Open: oRs.AddNew"
  21. WScript.Echo "WScript.Echo ""ReGenerating "" & adFileName & "" ..."""
  22. WScript.Echo
  23. WScript.Echo "While Not oFile.AtEndOfStream"
  24. WScript.Echo "  sLine=oFile.ReadLine"
  25. WScript.Echo "  If Left(sLine,3)=""'# "" Then"
  26. WScript.Echo "    oRs(""Data"")=Right(sLine,Len(sLine)-3)"
  27. WScript.Echo "    oRs.Update: oStream.Write oRs(""Data"")"
  28. WScript.Echo "  End If"
  29. WScript.Echo "Wend"
  30. WScript.Echo
  31. WScript.Echo "oStream.SaveToFile adFileName,adSaveCreateOverWrite"
  32. WScript.Echo "WScript.Echo ""Done."""

  33. For i=0 To Lenb(BinStream)-1
  34.   If i Mod 32=0 Then WScript.Stdout.Write VBCrLf & "'# "
  35.   nHexByte=Right("0" & Hex(Ascb(Midb(BinStream,i+1,1))),2)
  36.   WScript.Stdout.Write nHexByte
  37. Next

L'utilisation de cet outil est très simple. Il suffit de spécifier en ligne de commande le nom du fichier binaire ou exécutable à encoder. A titre d'exemple, nous allons encoder ici un petit binaire nommé Hello.exe. Le script décodeur étant généré automatiquement sur le flux stdout, la sortie de commande sera redirigée vers un fichier VBScript portant, par convention, le même nom que le fichier binaire mais muni de l'extension .vbs :

                                                                                
WSH D:\Test> @cscript //nologo EmbedFileInVBScript.vbs Hello.exe>Hello.vbs      
                                                                                

Listing 2 : Hello.vbs

  1. Const adTypeBinary=1
  2. Const adSaveCreateOverWrite=2
  3. Const adVarBinary=204
  4. Const adFileName="Hello.exe"

  5. Set oFs=CreateObject("Scripting.FileSystemObject")
  6. Set oFile=oFs.OpenTextFile(WScript.ScriptFullName)
  7. Set oRs=CreateObject("ADODB.RecordSet")
  8. Set oStream=CreateObject("ADODB.Stream")

  9. oStream.Type=adTypeBinary: oStream.Open
  10. oRs.Fields.Append "Data",adVarBinary,32: oRs.Open: oRs.AddNew
  11. WScript.Echo "ReGenerating " & adFileName & " ..."

  12. While Not oFile.AtEndOfStream
  13.   sLine=oFile.ReadLine
  14.   If Left(sLine,3)="'# " Then
  15.     oRs("Data")=Right(sLine,Len(sLine)-3)
  16.     oRs.Update: oStream.Write oRs("Data")
  17.   End If
  18. Wend

  19. oStream.SaveToFile adFileName,adSaveCreateOverWrite
  20. WScript.Echo "Done."

  21. '# 4D5A90000300000004000000FFFF0000B8000000000000004000000000000000
  22. '# 00000000000000000000000000000000000000000000000000000000E0000000
  23. '# 0E1FBA0E00B409CD21B8014CCD21546869732070726F6772616D2063616E6E6F
  24. '# 742062652072756E20696E20444F53206D6F64652E0D0D0A2400000000000000
  25. '# DE5BC68A9A3AA8D99A3AA8D99A3AA8D9F525A2D9913AA8D91926A6D99B3AA8D9
  26. '# F525ACD9993AA8D99A3AA9D98A3AA8D9AC1CA2D99B3AA8D95D3CAED99B3AA8D9
  27. '# 526963689A3AA8D9000000000000000000000000000000000000000000000000
  28. '# 504500004C0104008D44E5470000000000000000E0000F010B01060000020000
  29. '# 0008000000000000204000000040000000800000000040000040000000020000
  30. '# 0400000000000000040000000000000000400100000400000000000003000000
  31. '# 0000100000100000000010000010000000000000100000000000000000000000
  32. '# 4C80000028000000000001009803000000000000000000000000000000000000
  33. '# 0000000000000000000000000000000000000000000000000000000000000000
  34. '# 000000000000000000000000000000000000000000000000008000003C000000
  35. '# 0000000000000000000000000000000000000000000000002E74657874000000
  36. '# 6C01000000400000000200000004000000000000000000000000000020000060
  37. '# 2E72646174610000860100000080000000020000000600000000000000000000
  38. '# 00000000400000402E646174610000004C00000000C000000002000000080000
  39. '# 000000000000000000000000400000C02E727372630000009803000000000100
  40. '# 00040000000A0000000000000000000000000000400000400000000000000000
  41. '# 0000000000000000000000000000000000000000000000000000000000000000
  42. '# 0000000000000000000000000000000000000000000000000000000000000000
  43. '# 0000000000000000000000000000000000000000000000000000000000000000
  44. '# 0000000000000000000000000000000000000000000000000000000000000000
  45. '# 0000000000000000000000000000000000000000000000000000000000000000
  46. '# 0000000000000000000000000000000000000000000000000000000000000000
  47. '# 0000000000000000000000000000000000000000000000000000000000000000
  48. '# 0000000000000000000000000000000000000000000000000000000000000000
  49. '# 0000000000000000000000000000000000000000000000000000000000000000
  50. '# 0000000000000000000000000000000000000000000000000000000000000000
  51. '# 0000000000000000000000000000000000000000000000000000000000000000
  52. '# 0000000000000000000000000000000000000000000000000000000000000000
  53. '# 6810C04000FF152080400083C40433C0C3909090909090909090909090909090
  54. '# 558BEC6AFF6840804000686041400064A100000000506489250000000083EC20
  55. '# 5356578965E88365FC006A01FF152C80400059830D40C04000FF830D44C04000
  56. '# FFFF15288040008B0D3CC040008908FF15248040008B0D38C040008908A10080
  57. '# 40008B00A348C04000E8C3000000833D20C0400000750C684E414000FF151C80
  58. '# 400059E894000000680CC040006808C04000E87F000000A134C040008945D88D
  59. '# 45D850FF3530C040008D45E0508D45D4508D45E450FF15148040006804C04000
  60. '# 6800C04000E84C000000FF15108040008B4DE08908FF75E0FF75D4FF75E4E8FD
  61. '# FEFFFF83C4308945DC50FF150C8040008B45EC8B088B09894DD05051E80F0000
  62. '# 005959C38B65E8FF75D0FF1504804000FF2508804000FF251880400068000003
  63. '# 006800000100E81B0000005959C333C0C3C3CCCCCCCCCCCCCCCCCCCCCCCCCCCC
  64. '# FF2530804000FF25348040000000000000000000000000000000000000000000
  65. '# 0000000000000000000000000000000000000000000000000000000000000000
  66. '# 0000000000000000000000000000000000000000000000000000000000000000
  67. '# 0000000000000000000000000000000000000000000000000000000000000000
  68. '# 0000000000000000000000000000000000000000000000000000000000000000
  69. '# 24810000C6800000CE800000DC800000E4800000F48000000481000010810000
  70. '# B080000034810000448100005281000064810000788100000000000000000000
  71. '# FFFFFFFF1041400024414000748000000000000000000000BA80000000800000
  72. '# 000000000000000000000000000000000000000024810000C6800000CE800000
  73. '# DC800000E4800000F48000000481000010810000B08000003481000044810000
  74. '# 528100006481000078810000000000009E027072696E746600004D5356435254
  75. '# 2E646C6C0000D3005F657869740048005F5863707446696C7465720049026578
  76. '# 6974000064005F5F705F5F5F696E6974656E760058005F5F6765746D61696E61
  77. '# 726773000F015F696E69747465726D0083005F5F736574757365726D61746865
  78. '# 727200009D005F61646A7573745F6664697600006A005F5F705F5F636F6D6D6F
  79. '# 646500006F005F5F705F5F666D6F6465000081005F5F7365745F6170705F7479
  80. '# 70650000CA005F6578636570745F68616E646C6572330000B7005F636F6E7472
  81. '# 6F6C667000000000000000000000000000000000000000000000000000000000
  82. '# 0000000000000000000000000000000000000000000000000000000000000000
  83. '# 0000000000000000000000000000000000000000000000000000000000000000
  84. '# 0000000000000000000000000000000000000000000000000000000000000000
  85. '# 0000000000000000000000000000000048656C6C6F20776F726C64210A000000
  86. '# 0100000000000000000000000000000000000000000000000000000000000000
  87. '# 0000000000000000000000000000000000000000000000000000000000000000
  88. '# 0000000000000000000000000000000000000000000000000000000000000000
  89. '# 0000000000000000000000000000000000000000000000000000000000000000
  90. '# 0000000000000000000000000000000000000000000000000000000000000000
  91. '# 0000000000000000000000000000000000000000000000000000000000000000
  92. '# 0000000000000000000000000000000000000000000000000000000000000000
  93. '# 0000000000000000000000000000000000000000000000000000000000000000
  94. '# 0000000000000000000000000000000000000000000000000000000000000000
  95. '# 0000000000000000000000000000000000000000000000000000000000000000
  96. '# 0000000000000000000000000000000000000000000000000000000000000000
  97. '# 0000000000000000000000000000000000000000000000000000000000000000
  98. '# 0000000000000000000000000000000000000000000000000000000000000000
  99. '# 0000000000000000000000000000000000000000000000000000000000000000
  100. '# 0000000000000000000000000000000000000000000000000000000000000000
  101. '# 0000000000000000000000000000010010000000180000800000000000000000
  102. '# 0000000000000100010000003000008000000000000000000000000000000100
  103. '# 0C04000048000000600001003803000000000000000000000000000000000000
  104. '# 380334000000560053005F00560045005200530049004F004E005F0049004E00
  105. '# 46004F0000000000BD04EFFE0000010000000100010000000000010001000000
  106. '# 3F00000000000000040004000100000000000000000000000000000098020000
  107. '# 010053007400720069006E006700460069006C00650049006E0066006F000000
  108. '# 7402000001003000340030006300300034006200300000001800000001004300
  109. '# 6F006D006D0065006E0074007300000020000000010043006F006D0070006100
  110. '# 6E0079004E0061006D00650000000000500014000100460069006C0065004400
  111. '# 650073006300720069007000740069006F006E0000000000480065006C006C00
  112. '# 6F00200077006F0072006C00640021002000730061006D0070006C0065000000
  113. '# 36000B000100460069006C006500560065007200730069006F006E0000000000
  114. '# 31002C00200030002C00200030002C0020003100000000002C00060001004900
  115. '# 6E007400650072006E0061006C004E0061006D0065000000480065006C006C00
  116. '# 6F0000006400200001004C006500670061006C0043006F007000790072006900
  117. '# 670068007400000043006F0070007900720069006700680074002000A9002000
  118. '# 32003000300038002000470069006C006C006500730020004C00410055005200
  119. '# 45004E00540000002800000001004C006500670061006C005400720061006400
  120. '# 65006D00610072006B007300000000003C000A0001004F007200690067006900
  121. '# 6E0061006C00460069006C0065006E0061006D0065000000480065006C006C00
  122. '# 6F002E0065007800650000002000000001005000720069007600610074006500
  123. '# 4200750069006C00640000002C0006000100500072006F006400750063007400
  124. '# 4E0061006D00650000000000480065006C006C006F0000003A000B0001005000
  125. '# 72006F006400750063007400560065007200730069006F006E00000031002C00
  126. '# 200030002C00200030002C002000310000000000200000000100530070006500
  127. '# 6300690061006C004200750069006C0064000000440000000100560061007200
  128. '# 460069006C00650049006E0066006F0000000000240004000000540072006100
  129. '# 6E0073006C006100740069006F006E00000000000C04B0040000000000000000
  130. '# 0000000000000000000000000000000000000000000000000000000000000000
  131. '# 0000000000000000000000000000000000000000000000000000000000000000
  132. '# 0000000000000000000000000000000000000000000000000000000000000000 

Le script décodeur Hello.vbs au format texte peut maintenant être copié dans le presse-papier puis recréé sur le serveur distant avec par exemple l'éditeur de texte notepad.exe. Il suffira ensuite d'exécuter le script décodeur Hello.vbs sur le serveur distant pour regénérer automatiquement le fichier binaire Hello.exe. Le fichier binaire sera toujours créé dans le répertoire courant :

                                                                                
WSH D:\Test> @cscript //nologo Hello.vbs                                        
ReGenerating Hello.exe ...                                                      
Done.                                                                           
                                                                                

Téléchargement :

Guide PDF : -
Archive : EmbedFileInVBScript.zip

Liens utiles :

Encoding Binary Data into Batch Code
http://www.infionline.net/~wtnewton/batch/conv2bat.htm

Distributing binary files within VBScript
http://www.valls.name/articles/VBScript_binary_files_in_vbs/binary_files_in_vbs_en.html