So about a year ago i was working on a little project and i was looking for something to have some dynamic colors in batch (to change only a few words' color for example). I found this :
[CODE INTRO]
call :TXTCOLOR
set COLOR=TXTCOLOR.exe
[CODE]
:TXTCOLOR
Echo.Const W=^2>t.vbs&Echo.Set o=WScript.StdOut>>t.vbs
For %%b In (
"4D53434600000000BA030000000000002C000000000000000301010001000000000000"
"004900000001000100D20700000000000000009E3B8A662000747874636F6C6F722E65"
"78650063EB078D6903D207434BDD544B681341189E6D538D35352AE2030F4EC44A458D"
"55113C88D4C75A85AA5B5A2F8AD66D324997A6BB7177A2297868498B9450ECA182871E"
"7AF0E0C183878AA98844DA83828288074FE24549B1A00785452AEB3F8F3C5A7C54BD39"
"F0E77F7FF3CD9FD9397976045523847C209E87500E89D5847EBFFA40566C7AB0024D2C"
"7B1ECA292DCF43ED5D868393B615B7F51E1CD14DD3A2B893603B6562C3C4474FB7E11E"
"2B4AC27575B55B2486A622D4A254CDC37D8B82D5CB9525F3624DABE167250896EC985D"
"25782354D6A851C4A70F237E2E5EB8B25297145F1701EFC022CEFAA76B0C70F7FF221F"
"A6244D8B644036540BDE950B202E86A33AD5C17EA188C04BA6E78F864D23FFB73CCF0C"
"BDEB9F6D006324ABFA33AE2F38180016593590C9FBB2FED6C228789969DF903AC7637E"
"16EB2BC6DCAC3A9771157E6782A3F9C17C7060032A77071F295AE19C289EB9C413505E"
"5559DEB4B07C872867B97D15B9CC6385A7EBCAE9B5909EA945F2CACE0498C586F3A146"
"04D80FA7EDFE8CA25FEE995704C53298E865C7630D5F7983CBCC8F254E93EC8F6B9D64"
"95AD6C28190E12280D6AB2767E3E52CC33D47ED7637CAE8D0BE48C8B8203AB8AB6121C"
"A86124328CCE17CFF3B44258617C3E0FAB6FB4ACFA592B6C55F830FBDFB24F5684362A"
"9259207BD21D525F0F3E9530FC544B71139A616EAE062CE8789D455A0E31BBC04E0BCC"
"82F7D5F702EA45690EEB99E5E75553BCCAC747CCE7F374AA747FD6B0FB9313439BCDB1"
"0F0FB091025D3778979F776985EB0263589DD578B5360CDB0DAB2EC89C56E8E5D9358C"
"02CC010462E7BF791E9FDAA7ACFA492B5C1000B0B5573F86D9E5F1EAC7A5BE25F56DA9"
"A7A57E22F533A9EF487D57EA09A973523FC48B79FBFE9755EFD43B08AE084DD38895B0"
"EC304913DCA947BAE3B69532A30D8D3B8F6D8B5936A970E181374C7A8A5C69314CD2D0"
"B86BF736BC997611CC5EB4CDB50BF05FE1B21D08897771AE22761562D3F8C7DCD6410E"
"836C07D9077210A419A41D8480A442A26E08F44D907BA17FEBEB712E476C1A8E2612E0"
"38D44E10130CC349478DB841B959B4204B2D56C6671103A3236299D4B612B124733A1C"
"423BF464B283F626090FC409EDD10D53B7E30EF8240D30DDC4364962EF1EB96333A16D"
"347A5C37A30922DC2396E95809D216B109310FA76231629F30631624DB4AC97698FA21"
) Do >>t.vbs (
Echo.For b=1To 69Step 2:o.Write Chr(Clng("&H"^&Mid(%%b,b,W^)^)^):Next)
For %%b In ("4A6DA33345591BFA0E"
) Do >>t.vbs (
Echo.For b=1To 17Step 2:o.Write Chr(Clng("&H"^&Mid(%%b,b,W^)^)^):Next)
Cscript /Nologo t.vbs > TXTCOLOR.ex_
Del /f /q /a t.vbs >nul 2>&1
Expand -r TXTCOLOR.ex_ >nul 2>&1
Del /f /q /a TXTCOLOR.ex_ >nul 2>&1
Goto :Eof
:----------------------------------------------
[END]
This generates a .exe that allows us to change the color within the batch file with the following syntax :
%COLOR% [COLOR CODE] [LINE PARAMETER] "[TEXT]"
[COLOR CODE] is the classic cmd color system with the first character being the background id and the second one being the text color id. [LINE PARAMETER] is 0 if it's not the last part of the line or 1 if it is. And of course, [TEXT] is the text.
For example, if i want to write "Hello world test" with "hello" and "test" in white and "world" in light green (everything with back baground), it should look like this:
%COLOR% 0F 0 "Hello "
%COLOR% 0A 0 "world "
%COLOR% 0F 1 "test"
I put 1 on the last one because it's the end of the line.
Finally, we come to my question : how does the thing work ? I mean, using a batch we're generating a .exe capable of being used as a command in the CMD. But how to generate one that is working ?
Thank you if you at least read until here, even if you don't have any answer. Have a nice day ;)
CodePudding user response:
The code is echo
ing a lot of stuff into (>>
) the file t.vbs
, i.e. it is creating a VBScript file.
The VBScript file is then executed (Cscript /Nologo t.vbs
) and the output of the VBScript is written into TXTCOLOR.ex_
.
Since TXTCOLOR.ex_
is a compressed file, it is Expand
ed, which will give you TXTCOLOR.exe
which can be executed.
But how to generate one that is working?
If you want to do the same for a different executable, just reverse the order of steps:
- create an executable
- compress it so that it has less bytes
- get a hex dump of it
- write a VBScript file which can convert the hex dump into a binary file
- Write a batch file that writes a VBScript file
But: if you just want to execute some code, you can implement that in the executable right away. It's less error prone and less effort. Obfuscating stuff like that makes it suspicious.