[新手上路]批处理新手入门导读[视频教程]批处理基础视频教程[视频教程]VBS基础视频教程[批处理精品]批处理版照片整理器
[批处理精品]纯批处理备份&还原驱动[批处理精品]CMD命令50条不能说的秘密[在线下载]第三方命令行工具[在线帮助]VBScript / JScript 在线参考
返回列表 发帖
codegay

Rank: 6Rank: 6

帖子
1266 
积分
1775 
技术
162  
捐助
0  
注册时间
2015-12-12 
1 跳转到 »
发表于 2016-8-28 13:40 | 显示全部帖子
本帖最后由 codegay 于 2016-8-28 16:54 编辑

编码后再解码,比如用base64编码。是更简单通用的玩法吧?
x64的系统已经不带debug了
去学去写去用才有进步。安装python3代码存为xx.py 双击运行或右键用IDLE打开按F5运行

TOP

codegay

Rank: 6Rank: 6

帖子
1266 
积分
1775 
技术
162  
捐助
0  
注册时间
2015-12-12 
2
发表于 2016-8-28 14:11 | 显示全部帖子
回复 5# wskwfkbdn


    我又不玩VBS。
不过道理上相通。
base64的编码方法在很多语言里都有标准库。

#以下python3 代码是把wget.exe 的二进制流经过base64编码,然后再把base64编码的字符串还原成xxx.exe,测试还能运行。
  1. """

  2. python base64 模块学习

  3. #2016年8月28日 13:50:30 codegay

  4. 

  5. """

  6. 

  7. import base64

  8. 

  9. with open("wget.exe","rb") as f:

  10.     txt=base64.encodebytes(f.read())

  11. 

  12. 

  13. with open("xxx.exe","wb") as f:

  14.     f.write(base64.standard_b64decode(txt.decode()))
复制代码
去学去写去用才有进步。安装python3代码存为xx.py 双击运行或右键用IDLE打开按F5运行

TOP

codegay

Rank: 6Rank: 6

帖子
1266 
积分
1775 
技术
162  
捐助
0  
注册时间
2015-12-12 
3
发表于 2016-8-28 15:50 | 显示全部帖子
python3

我把sleep.exe 编码成了字符串。
sleep.exe 是一个第三方命令行工具,用来延迟的。

运行以下python代码可以还原得到resleep.exe
  1. import base64

  2. 

  3. ss = """TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  4. AAAA4AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v

  5. ZGUuDQ0KJAAAAAAAAAD+ls8EuvehV7r3oVe696FXOf+uV7v3oVe696BXrvehVzn//Fe/96FXNP/+

  6. V7T3oVc5//9Xu/ehVzn/+1e796FXUmljaLr3oVcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQRQAA

  7. TAEDAAmhoD4AAAAAAAAAAOAADwELAQcKAAgAAAAIAAAAAAAA7hIAAAAQAAAAIAAAAAAAAQAQAAAA

  8. AgAABQACAAUAAgAEAAAAAAAAAABAAAAABAAAq6UAAAMAAIAAAAQAACAAAAAAEAAAEAAAAAAAABAA

  9. AAAAAAAAAAAAAPAUAAA8AAAAADAAAAgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgEAAAHAAA

  10. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgRAABAAAAAAAAAAAAAAAAAEAAAUAAAAAAAAAAAAAAA

  11. AAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAjgYAAAAQAAAACAAAAAQAAAAAAAAAAAAAAAAAACAAAGAu

  12. ZGF0YQAAACQAAAAAIAAAAAIAAAAMAAAAAAAAAAAAAAAAAABAAADALnJzcmMAAAAIBAAAADAAAAAG

  13. AAAADgAAAAAAAAAAAAAAAAAAQAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  14. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  15. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  16. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  17. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  18. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  19. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  20. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGIW

  21. AABqFgAAAAAAAJgVAACmFQAAsBUAALgVAADEFQAA1BUAAOAVAACQFQAABBYAABQWAAAiFgAANBYA

  22. AFQWAACGFQAA9BUAAHwVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJoaA+AAAAAAIAAAAaAAAA

  23. cBEAAHAFAAAgICAgICAgICVzIFstY10gY29tbWl0ZWQtbWVtb3J5IHJhdGlvICgxJSUtMTAwJSUp

  24. CgAAICAgICAgICAlcyBbLW1dIHRpbWUtdG8tc2xlZXAtaW4tbWlsbGlzZWNvbmRzCgAAVXNhZ2U6

  25. ICAlcyAgICAgIHRpbWUtdG8tc2xlZXAtaW4tc2Vjb25kcwoAAAAtYwAALW0AAAAAAAD/////OhQA

  26. AU4UAAEAAAAASAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  27. AAAAAAAAAAAAAAAABCAAAcARAAEBAAAATkIxMAAAAAAJoaA+AQAAAHNsZWVwLnBkYgAAAAAAAAAA

  28. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADkFAAAVos1SBAA

  29. AVeLfCQMV2jgEAAB/9ZXaLAQAAH/1ldofBAAAf/Wg8QYX17CBACLVCQEM8DrFYD5MHwYgPk5fxMP

  30. vsmNBICNREHQQooKhMl15esDg8j/wgQAVYvsg+wsg030/4NN/P+DfQgCU4tdDFbHRfjoAwAAdQ3/

  31. cwTorf///4lF/OtZagNZOU0IdVeLcwRXvxARAAEzwPOmdRL/cwjoif///4lF/MdF+AEAAACLcwRq

  32. A1m/DBEAATPA86ZfdR7/cwjoZf///4P4ZIlF9H8Ox0X8CgAAAMdF+AEAAACDffz/dQz/M+gW////

  33. M8BA6zeLdfSD/v90H41F1FD/FQQQAAE5ddh8HotF+A+vRfxQ/xUAEAAB6+GLRfgPr0X8UP8VABAA

  34. ATPAXlvJw2ooaBgRAAHongEAAGaBPQAAAAFNWnUooTwAAAGBuAAAAAFQRQAAdRcPt4gYAAABgfkL

  35. AQAAdCGB+QsCAAB0BoNl5ADrKoO4hAAAAQ528TPJOYj4AAAB6xGDuHQAAAEOdt4zyTmI6AAAAQ+V

  36. wYlN5INl/ABqAf8VNBAAAVmDDRggAAH/gw0cIAAB//8VMBAAAYsNFCAAAYkI/xUsEAABiw0QIAAB

  37. iQihRBAAAYsAoyAgAAHo7QAAAIM9ACAAAQB1DGiSFAAB/xUkEAABWejBAAAAaFwQAAFoWBAAAeis

  38. AAAAoQwgAAGJRdyNRdxQ/zUIIAABjUXgUI1F2FCNRdRQ/xUcEAABiUXMaFQQAAFoUBAAAeh2AAAA

  39. i0Xgiw0YEAABiQH/deD/ddj/ddTo/v3//4PEMIvwiXXIg33kAHUHVv8VFBAAAf8VEBAAAesti0Xs

  40. iwiLCYlN0FBR6CkAAABZWcOLZeiLddCDfeQAdQdW/xUoEAAB/xVAEAABg038/4vG6GEAAADDzP8l

  41. DBAAAf8lIBAAAWgAAAMAaAAAAQDoWwAAAFlZwzPAw8zMzGjkFAABZKEAAAAAUItEJBCJbCQQjWwk

  42. ECvgU1ZXi0X4iWXoUItF/MdF/P////+JRfiNRfBkowAAAADDi03wZIkNAAAAAFlfXlvJUcP/JTgQ

  43. AAH/JTwQAAE4FQAAAAAAAAAAAABIFgAADBAAACwVAAAAAAAAAAAAAIAWAAAAEAAAAAAAAAAAAAAA

  44. AAAAAAAAAAAAAABiFgAAahYAAAAAAACYFQAAphUAALAVAAC4FQAAxBUAANQVAADgFQAAkBUAAAQW

  45. AAAUFgAAIhYAADQWAABUFgAAhhUAAPQVAAB8FQAAAAAAAO8CcHJpbnRmAADKAF9jX2V4aXQA+wBf

  46. ZXhpdABOAF9YY3B0RmlsdGVyAM0AX2NleGl0AACaAmV4aXQAAHEAX19pbml0ZW52AHAAX19nZXRt

  47. YWluYXJncwBAAV9pbml0dGVybQCeAF9fc2V0dXNlcm1hdGhlcnIAALsAX2FkanVzdF9mZGl2AACD

  48. AF9fcF9fY29tbW9kZQAAiABfX3BfX2Ztb2RlAACcAF9fc2V0X2FwcF90eXBlAADyAF9leGNlcHRf

  49. aGFuZGxlcjMAAG1zdmNydC5kbGwAANsAX2NvbnRyb2xmcAAASQNTbGVlcAD6AUdsb2JhbE1lbW9y

  50. eVN0YXR1cwAAS0VSTkVMMzIuZGxsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  51. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  52. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  53. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  54. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  55. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  56. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAE7m

  57. QLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  58. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  59. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  60. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  61. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  62. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  63. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  64. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  65. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  66. AAAAAAAAAAEAEAAAABgAAIAAAAAAAAAAAAAAAAAAAAEAAQAAADAAAIAAAAAAAAAAAAAAAAAAAAEA

  67. CQQAAEgAAABgMAAApAMAAAAAAAAAAAAAAAAAAAAAAACkAzQAAABWAFMAXwBWAEUAUgBTAEkATwBO

  68. AF8ASQBOAEYATwAAAAAAvQTv/gAAAQACAAUAAADODgIABQAAAM4OPwAAAAgAAAAEAAQAAQAAAAAA

  69. AAAAAAAAAAAAAAIDAAABAFMAdAByAGkAbgBnAEYAaQBsAGUASQBuAGYAbwAAAN4CAAABADAANAAw

  70. ADkAMAA0AEIAMAAAAEwAFgABAEMAbwBtAHAAYQBuAHkATgBhAG0AZQAAAAAATQBpAGMAcgBvAHMA

  71. bwBmAHQAIABDAG8AcgBwAG8AcgBhAHQAaQBvAG4AAAA8AAoAAQBGAGkAbABlAEQAZQBzAGMAcgBp

  72. AHAAdABpAG8AbgAAAAAASQBEAFcAIAB0AG8AbwBsAHMAAABwACgAAQBGAGkAbABlAFYAZQByAHMA

  73. aQBvAG4AAAAAADUALgAyAC4AMwA3ADkAMAAuADAAIABiAHUAaQBsAHQAIABiAHkAOgAgAGQAbgBz

  74. AHIAdgBfAGQAZQB2ACgAdgAtAHMAbQBnAHUAbQApAAAATgAXAAEASQBuAHQAZQByAG4AYQBsAE4A

  75. YQBtAGUAAABTAGwAZQBlAHAALgBFAHgAZQAgAGEAbgBkACAAQgBlAGUAcAAuAEUAeABlAAAAAACA

  76. AC4AAQBMAGUAZwBhAGwAQwBvAHAAeQByAGkAZwBoAHQAAACpACAATQBpAGMAcgBvAHMAbwBmAHQA

  77. IABDAG8AcgBwAG8AcgBhAHQAaQBvAG4ALgAgAEEAbABsACAAcgBpAGcAaAB0AHMAIAByAGUAcwBl

  78. AHIAdgBlAGQALgAAAFYAFwABAE8AcgBpAGcAaQBuAGEAbABGAGkAbABlAG4AYQBtAGUAAABTAGwA

  79. ZQBlAHAALgBFAHgAZQAgAGEAbgBkACAAQgBlAGUAcAAuAEUAeABlAAAAAABqACUAAQBQAHIAbwBk

  80. AHUAYwB0AE4AYQBtAGUAAAAAAE0AaQBjAHIAbwBzAG8AZgB0AK4AIABXAGkAbgBkAG8AdwBzAK4A

  81. IABPAHAAZQByAGEAdABpAG4AZwAgAFMAeQBzAHQAZQBtAAAAAAA6AAsAAQBQAHIAbwBkAHUAYwB0

  82. AFYAZQByAHMAaQBvAG4AAAA1AC4AMgAuADMANwA5ADAALgAwAAAAAABEAAAAAQBWAGEAcgBGAGkA

  83. bABlAEkAbgBmAG8AAAAAACQABAAAAFQAcgBhAG4AcwBsAGEAdABpAG8AbgAAAAAACQSwBAAAAAAA

  84. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  85. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  86. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  87. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  88. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  89. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  90. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  91. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  92. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="""

  93. 

  94. with open("resleep.exe","wb") as f:

  95.     f.write(base64.standard_b64decode(ss))
复制代码
去学去写去用才有进步。安装python3代码存为xx.py 双击运行或右键用IDLE打开按F5运行

TOP

codegay

Rank: 6Rank: 6

帖子
1266 
积分
1775 
技术
162  
捐助
0  
注册时间
2015-12-12 
4
发表于 2016-8-29 00:57 | 显示全部帖子
PowerShell 脚本中嵌入二进制文件
http://www.pstips.net/powershell ... in-your-script.html
去学去写去用才有进步。安装python3代码存为xx.py 双击运行或右键用IDLE打开按F5运行

TOP

codegay

Rank: 6Rank: 6

帖子
1266 
积分
1775 
技术
162  
捐助
0  
注册时间
2015-12-12 
5
发表于 2016-9-13 08:01 | 显示全部帖子
回复 9# B魔方大人


   光给出一个“最NB的”解决方向,但是没有可行性或者很难实现,是没用的。

类似“坐直升机上班快”这种建议对大家真的一点用的都没有。因为都造不出直升机也买不起。
去学去写去用才有进步。安装python3代码存为xx.py 双击运行或右键用IDLE打开按F5运行

TOP

返回列表