1.已知写出bat延迟执行能够删除自身或更新自身
2.把exe写入虚拟磁盘运行再删除虚拟磁盘可以实现exe隐蔽运行
3.bbs.125.la/forum.php?mod=viewthread&tid=14139498 构造畸形目录隐藏自身,好像只能位于系统盘生效
4.135K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4i4K6u0W2j5%4y4V1L8W2)9J5k6h3&6W2N6q4)9J5c8X3#2A6j5%4u0G2P5X3!0F1k6g2)9J5c8X3q4J5N6r3W2U0L8r3g2Q4x3V1k6V1k6i4c8S2K9h3I4K6i4K6u0r3x3K6R3#2y4e0j5#2x3U0V1`. 方法4以临时文件打开创建进程
5.d8bK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1j5Y4y4Q4x3X3f1I4x3U0g2Q4x3X3g2D9j5g2)9J5c8Y4c8Z5M7X3g2S2k6q4)9J5k6o6p5@1x3o6t1@1y4U0p5I4i4K6u0V1x3g2)9J5k6o6q4Q4x3X3g2Z5N6r3#2D9构造shellcode
6.d32K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1j5Y4y4Q4x3X3f1I4x3U0g2Q4x3X3g2D9j5g2)9J5c8X3k6G2M7Y4g2E0i4K6u0W2M7r3S2H3i4K6y4r3L8h3!0V1i4K6y4p5N6X3W2W2N6%4c8Z5M7X3g2S2k6q4)9J5y4X3q4E0M7q4)9K6b7Y4c8A6k6q4)9K6c8o6p5@1y4K6f1J5z5e0b7K6加载dll后删除它
[招生]系统0day安全班,企业级设备固件漏洞挖掘,Linux平台漏洞挖掘!