if ($argc < 3) {
	echo "Usage: $argv[0] <IP to scan> <port> (either 139 or 445)";
	echo "You provided $argc arguments";
	return false;
}

string $scriptsdir = GetEnv("SCRIPTSDIR");

# D:\OPSDisk\Resources\EP\Scripts\
string $emthexe = "$scriptsdir\\..\\..\\..\\Exploits\\EMTH15~1.1\\emth.exe";

string $doNB = "";

if ($argv[2] == "139") {
	$doNB = " -b 1 ";
}

@record on;
if (`background redirect -tcp -lplisten 5555 -target $argv[1] $argv[2] -nodes 40`) {
	echo "This touch can take a while, so you can background this if you'd like (if you do, you'll have to look at the output file yourself, and don't close the redirector!).";	
	@record off;

	int $redirectID = GetCmdData("LastCommandId");

	@echo on;	
	`local run -command "cmd /C $emthexe $doNB -r 2 -i 127.0.0.1 -p 5555 > $scriptsdir\\emthtouch.txt" -redirect`;
	sleep (500);
	
	
	@record on;
	`local grep -mask "$scriptsdir\\emthtouch.txt" -pattern "IS vulnerable"`;
	@record off;

	if (prompt "Close the redirect now?") {
		`stop $redirectID`;

	}
	
	
}
@record off;