Executing external application with JavaScript

8

What code should I use to start an external application from a computer from an HTML page?

One more time I was told that this code would be in JavaScript:

var shwll = new ShellObject();
var hproc="C:\Windows\notepad.exe";
shwll.exec(hproc);

But I did not get any results.

    
asked by anonymous 17.08.2014 / 04:31

3 answers

8

HTML is not a programming language. It is not with HTML that this is possible, but rather with scripting languages such as Javascript and VBScript.

With no language you can do this from a browser . The reason is security. If it were possible to run programs arbitrarily on the client machine, it would not be difficult for a hacker to force a malicious code to be compiled and run on his machine. At the very least you would have to get all the passwords stored on your computer, and in the worst case you would give access to your bank accounts to a stranger.

Windows has an executable called Wscript.exe. I'll leave it to anyone who is curious to meet you. This executable is able to execute Javascript locally, with administrator permissions. The environment is different from the browser - you will not have access to various things like Web Storage . On the other hand, objects like ShellObject become accessible, and you can even manipulate files.

I'm not an expert at Node.js , but since it's a server environment and not a client, you're able to access more operating system resources with it than via browser in a way. But I'm not sure if it is able to access ShellObject .

In addition to the node and Wscript, there are a number of other Javascript environments that allow to foe alien machines and destroy files to access operating system components less restrictively than via browser. It's just a matter of searching.

Now, if the intention was to actually access the shell from the browser ... Instead of Javascript use COM or ActiveX components. And understand that this will probably only work in Internet Explorer, version 6 or lower. Good luck.

    
17.08.2014 / 13:09
5

Not possible, the best you can do is explicitly ask the user to voluntarily send the file to your server and you do something with it on the server. It's a security issue. People are confident that web applications will not put you at risk, so the software that controls this, in the browser case, needs to guarantee this to him. And he will rely on the browsers that do this well.

Of course it is possible through custom browsers or plugins that allow unrestricted access. But do not tell anyone to install something like that on your computer. In fact today nobody wants to install anything, even if it is reliable and only brings advantages.

In addition, you can use the new File API . Not universally available ( is in all modern relevant browsers ) and has several limitations. You can not get the user's file you want. Just what you yourself have produced and have access to, in addition to what you have explicitly authorized by the user.

Execution is not among the possible activities of these files.

    
21.01.2015 / 02:25
0

Run in JavaScript

<script>
 function Execultar(){
 var shell = new ActiveXObject( "WScript.shell" );
 shell.run( '"C:\Windows\System32\notepad.exe"', 1, true );}
</script>

<a href="#" onclick="Execultar();">Iniciar</a>

Running Notepad works in Internet Explorer too untested.

Or this way via VBS in html

<script type="text/vbscript">
    set Shell = CreateObject("WScript.Shell")
    Shell.Exec("cmd /c start notepad.exe")
</script>

Tested on Internet Explorer

I hope I have helped.

    
03.07.2016 / 19:44