Following is the hybrid batch script:
<!-- :: Batch section
@echo off
setlocal
echo Select an option:
for /F "delims=" %%a in ('mshta.exe "%~F0"') do set "HTAreply=%%a"
echo End of HTA window, reply: "%{HTAreply}%"
pause
goto :EOF
-->
<HTML>
<HEAD>
<HTA:APPLICATION SCROLL="no" SYSMENU="no" >
<TITLE>HTA Buttons</TITLE>
<SCRIPT language="JavaScript">
window.resizeTo(374,100);
function closeHTA(reply){
var fso = new ActiveXObject("Scripting.FileSystemObject");
fso.GetStandardStream(1).WriteLine(reply);
window.close();
}
</SCRIPT>
</HEAD>
<BODY>
<button onclick="closeHTA(1);">First option</button>
<button onclick="closeHTA(2);">Second option</button>
<button onclick="closeHTA(3);">Third option</button>
</BODY>
</HTML>
Output:
I obfuscated it as stated here : [Post#21] https://www.dostips.com/forum/viewtopic.php?t=7990&start=15
but then the HTA app output isn't as before. It is as follows:
The entire batch content is displayed in the HTML window.
I want to know why this happens and secondly is there any way to obfuscate this hybrid batch script Same happens when I try to convert the batch file to exe.
Edit
Problem solved. There was an error in html code. apologies. I would have edited to show the problem but I guess it was too trivial to do that.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/AivMC.png', '推荐 闹够了就滚 的文章《obfuscating batch+HTA hybrid script》','https://www.manongdao.com/article-1986729.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}