2011-05-15

On Hacking Windows with Scripting Tools

It's been a while since I installed my new PC, and as I install more and more apps over time, the list of those that creep into system start-up increases. So I ran the ever-useful Autoruns and deleted the unnecessary ones.

It's not always easy to recognize what each executable is all about. E.g. "JMB36X IDE Setup" is the title of an app here: %windir%\RaidTool\xInsIDE.exe. In the end, it was harmless, and I probably had it because I have a JMicron JMB36X chipset on the motherboard and the vendor installed all the utils (although I did not have a RAID config).

Anywho, some time ago I had noticed that "gathernetworkinfo.vbs" was scheduled to run every week on my Win7 and tracked it down to a Microsoft script, but while looking up its uses I found a good white paper from SANS.org titled "Using Windows Script Host and COM to hack Windows". All that stuff is even more relevant as PowerShell is gaining in popularity, and thanks to .NET, PowerShell has even more power than WScript ever had.