Information Security Experiment Five Computer Virus and Hacker Experiment Script [Malicious Webpage Virus Demo & Virus Production & Trojan Horse Bundling]

Dingdu! Here is the compilation of Xiao Ah Woo's study course materials. A good memory is not as good as a bad pen. Today is also a day to make progress. Let's advance together!

1. Script and malicious web virus demonstration experiment

Check the script code in "Script and Malicious Web Virus.rar", modify the txt to html file, test, some codes are flawed and need to be modified, mainly "copy .txt" and "delete .txt", when the target file If the folder does not exist, you must first create the target folder. Please VBScript脚本代码create the current folder yourself . All modified codes (4 html files) and corresponding representative screenshot files.

实验解析，四个脚本代码的操作步骤大致相同。

共同的前提是选择一个浏览器（此处小啊呜选择了IE浏览器），
找到相关安全设置将其安全程度调到最低。

之后再进行相关操作。

1. Create a file

创建.html

<HTML>
<HEAD>
<TITLE>创建文件c:\TEST.HTM</TITLE>
<SCRIPT LANGUAGE="VBScript">
<!--
Dim fso, f1
Set fso = CreateObject("Scripting.FileSystemObject")
Set f1 = fso.CreateTextFile("c:\TEST.HTM", True)
-->
</SCRIPT>
</HEAD>
<BODY>

Select the selected browser to open 创建.htmland allow blocked content.

Allow interaction.

Check the results!
The file was successfully created.

2. Copy files

Note that mu_sFilePath is the path of your desktop.

拷贝.html

<HTML>
<HEAD>
<TITLE>复制c:\TEST.HTM文件到桌面</TITLE>
<SCRIPT LANGUAGE="VBScript">
<!--
   Dim mu_sFilePath,mu_sFileName
   mu_sFilePath = "C:\Users\Floret\Desktop\"   '注意此处为自己桌面的路径
   mu_sFileName = mu_sFilePath & "TEST.HTM"
   
   Dim fso, tf
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set tf = fso.GetFile("c:\TEST.HTM")
   
   if(fso.FolderExists(mu_sFilePath)) Then                     '检测文件夹是否存在
    MsgBox "文件夹已存在"
    MsgBox "文件拷贝成功！"
	tf.Copy ("C:\Users\Floret\Desktop\TEST.HTM")
else
    MsgBox "文件夹不存在"
    fso.CreateFolder(mu_sFilePath)	'创建文件夹
	tf.Copy ("C:\Users\Floret\Desktop\TEST.HTM")
end if

-->
</SCRIPT>
</HEAD>
<BODY>

The copy is successful!

3. Delete files

删除.html：
<HTML>
<HEAD>
<TITLE>删除桌面上的TEST.HTM</TITLE>
<SCRIPT LANGUAGE="VBScript">
<!--
   Dim fso, tf
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set tf = fso.GetFile("C:\Users\Floret\Desktop\TEST.HTM")
   tf.Delete
   MsgBox "文件已删除!"
-->
</SCRIPT>
</HEAD>
<BODY>

4. Modify files

修改.html:
<HTML>
<HEAD>
<TITLE>修改文件内容c:\TEST.HTM</TITLE>
<SCRIPT LANGUAGE="VBScript">
<!--
   Dim fso, tf
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set tf = fso.CreateTextFile("c:\TEST.HTM", True)
   ' 写一行，并带有一个换行字符。
   tf.WriteLine("<html><body>由网页脚本的方式修改已存在文件内容成功</body></html>") 
   '  向文件写三个换行字符。      
   tf.WriteBlankLines(3) 
   ' 写一行。
   tf.Write ("This is a test.") 
   tf.Close
-->
</SCRIPT>
</HEAD>
<BODY>

Acceptance results!
The target file was successfully modified.

2. Detailed virus explanation and batch virus production

Check the file "Detailed virus explanation and batch virus production: self-start, password change, scheduled shutdown, blue screen, process shutdown.mhtml", select at least 2 items among them, perform practical operations and take screenshots:

Shutdown bat script

The simplest blue screen bomb file

Extension virus

3. Trojan Bundle Simulation Experiment

See the blog post for the process notes:

https://blog.csdn.net/qq_43543789/article/details/108742518

Ending!
More course knowledge learning records will come later!

就酱，嘎啦！

Note:
Life is diligent, nothing is gained.