黑猫脚本官网兔子雷

发布时间:2021-12-21 来源:脚本之家 点击:

而这些附间LIST块与数据流之间保持着—一对应的关系,即
第一个附属LIST块对应于00号数据流;第二个附属LIST块对应于01号数据流......要想解释数据流,我们必须先了解AVI文件中数据块是什么

一个响应事件的简单例子:


CreateObject和WScript.CreateObject的区别三:

因为CreateObject是VBS的内置函数,不需要通过COM来调用,所以CreateObject比WScript.CreateObject要稍微快一点点(虽然几乎可以忽略不计):



Demon的建议:尽量使用CreateObject函数,除非你需要响应事件

脚本错误解决方法

' +----------------------------------------------------------------------------+
' | Contact Info |
' +----------------------------------------------------------------------------+
' Author: Vengy
' modiy:lcx
' Email : cyber_flash@hotmail.com
' Tested: win2K/XP (win9X not tested!)


Option Explicit


' +----------------------------------------------------------------------------+
' | Setup constants |
' +----------------------------------------------------------------------------+
Const conBarSpeed=80
Const conForcedTimeOut=3600000 ' 1 hour


' +----------------------------------------------------------------------------+
' | Setup Objects and misc variables |
' +----------------------------------------------------------------------------+
Dim spyPath : spyPath="c:\spy.htm" '请自行修改
Dim oFSO : Set oFSO=CreateObject("Scripting.FileSystemObject")
Dim oWShell : Set oWShell=CreateObject("WScript.Shell")
Dim objNet : Set objNet=CreateObject("WScript.Network")
Dim Env : Set Env=oWShell.Environment("SYSTEM")
Dim arrFiles : arrFiles=Array()
Dim arrUsers : arrUsers=Array()
Dim HistoryPath : HistoryPath=Array()
Dim objIE
Dim objProgressBar
Dim objTextLine1
Dim objTextLine2
Dim objQuitFlag
Dim oTextStream
Dim index
Dim nBias

' +----------------------------------------------------------------------------+
' | Whose been a naughty surfer? Let's find out! ;) |
' +----------------------------------------------------------------------------+
StartSpyScan

' +----------------------------------------------------------------------------+
' | Outta here ... |
' +----------------------------------------------------------------------------+
CleanupQuit

' +----------------------------------------------------------------------------+
' | Cleanup and Quit |
' +----------------------------------------------------------------------------+
Sub CleanupQuit()
Set oFSO=Nothing
Set oWShell=Nothing
Set objNet=Nothing
WScript.Quit
End Sub

' +----------------------------------------------------------------------------+
' | Start Spy Scan |
' +----------------------------------------------------------------------------+
Sub StartSpyScan()
Dim index_folder, history_folder, oSubFolder, oStartDir, sFileRegExPattern, user

LocateHistoryFolder
index_folder=HistoryPath(0)&""&HistoryPath(1)

If Not oFSO.FolderExists(index_folder) Then
wsh.echo "No history folder exists. Scan Aborted."
Else


SetLine1 "Locating history files:"

sFileRegExPattern="\index.dat$"
Set oStartDir=oFSO.GetFolder(index_folder)

For Each oSubFolder In oStartDir.SubFolders
history_folder=oSubFolder.Path&""&HistoryPath(3)&""&HistoryPath(4)&""&"History.IE5"
If oFSO.FolderExists(history_folder) Then
If IsQuit()=True Then

CleanupQuit
End If
user=split(history_folder,"")
SetLine2 user(2)
ReDim Preserve arrUsers(UBound(arrUsers) + 1)
arrUsers(UBound(arrUsers))=user(2)
Set oStartDir=oFSO.GetFolder(history_folder)
RecurseFilesAndFolders oStartDir, sFileRegExPattern
End If
Next

If IsEmpty(index) Then

wsh.echo "No Index.dat files found. Scan Aborted."
Else
CreateSpyHtmFile

RunSpyHtmFile

End If

End If
End Sub


' +----------------------------------------------------------------------------+
' | Locate History Folder |
' +----------------------------------------------------------------------------+
Sub LocateHistoryFolder()
' Example: C:\Documents and Settings\<username>\Local Settings\History
' HistoryPath(0)=C:
' HistoryPath(1)=Documents and Settings
' HistoryPath(2)=<username>
' HistoryPath(3)=Local Settings
' HistoryPath(4)=History
HistoryPath=split(oWShell.RegRead("HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History"),"")
End Sub

' +----------------------------------------------------------------------------+
' | Find ALL History Index.Dat Files |
' +----------------------------------------------------------------------------+
Sub RecurseFilesAndFolders(oRoot, sFileEval)
Dim oSubFolder, oFile, oRegExp

Set oRegExp=New RegExp
oRegExp.IgnoreCase=True

If Not (sFileEval="") Then
oRegExp.Pattern=sFileEval
For Each oFile in oRoot.Files
If (oRegExp.Test(oFile.Name)) Then
ReDim Preserve arrFiles(UBound(arrFiles) + 1)
arrFiles(UBound(arrFiles))=oFile.Path
index=1 ' Found at least one index.dat file!
End If
Next
End If

For Each oSubFolder In oRoot.SubFolders
RecurseFilesAndFolders oSubFolder, sFileEval
Next
End Sub

' +----------------------------------------------------------------------------+
' | Create Spy.htm file |
' +----------------------------------------------------------------------------+
Sub CreateSpyHtmFile()
Dim ub, count, index_dat, user, spyTmp

Set oTextStream=oFSO.OpenTextFile(spyPath,2,True)

oTextStream.WriteLine "<html><title>IE is spying on you!</title><body><font size=2>Welcome "&objNet.UserName&"<br><br>"
oTextStream.WriteLine "<b>"+CStr(UBound(arrUsers)+1)+" users surfed on your PC:</b><br>"

For Each index_dat In arrUsers
oTextStream.WriteLine "<font color=green>"+index_dat+"</font><br>"
Next

oTextStream.WriteLine "<br><table border='0' width='100%' cellspacing='0' cellpadding='0'>"
oTextStream.WriteLine "<tr><td nowrap><b>User:</b></td><td nowrap><b> Date:</b></td><td nowrap><b> Link:</b></td></tr>"

GetTimeZoneBias

count=0
ub=UBound(arrFiles)

For Each index_dat In arrFiles
If IsQuit()=True Then

oTextStream.Close
CleanupQuit
End If

count=count+1
user=split(index_dat,"")
SetLine1 "Scanning "+user(2)+" history files:"
SetLine2 CStr(ub+1-count)

spyTmp=oFSO.GetSpecialFolder(2)+"\spy.tmp"

' Copy index.dat ---> C:\Documents and Settings\<username>\Local Settings\Temp\spy.tmp
' REASON: Avoids file access violations under Windows.这里没有权限,我加了on error resume next
On Error Resume next
oFSO.CopyFile index_dat, spyTmp, True

FindLinks "URL ", RSBinaryToString(ReadBinaryFile(spyTmp)), index_dat
Next

oTextStream.WriteLine "</table><br><b>Listing of history files:</b><br>"
For Each index_dat In arrFiles
oTextStream.WriteLine index_dat+"<br>"
Next

oTextStream.WriteLine "<br><b>Do you have an idea that would improve this spy tool? Share it with me!<b><br><a href= or Comments?</a></font><br><br><b>End of Report</b></body></html>"

oTextStream.Close

If oFSO.FileExists(spyTmp) Then
oFSO.DeleteFile spyTmp
End If
End Sub

' +----------------------------------------------------------------------------+
' | Get Time Zone Bias. |
' +----------------------------------------------------------------------------+
Sub GetTimeZoneBias()
Dim nBiasKey, k

nBiasKey=oWShell.RegRead("HKLM\System\CurrentControlSet\Control\TimeZoneInformation\ActiveTimeBias")
If UCase(TypeName(nBiasKey))="LONG" Then
nBias=nBiasKey
ElseIf UCase(TypeName(nBiasKey))="VARIANT()" Then
nBias=0
For k=0 To UBound(nBiasKey)
nBias=nBias + (nBiasKey(k) * 256^k)
Next
End If
End Sub

' +----------------------------------------------------------------------------+
' | Find Links within Index.dat |
' +----------------------------------------------------------------------------+
Sub FindLinks(strMatchPattern, strPhrase, file)
Dim oRE, oMatches, oMatch, dt, start, sArray, timeStamp, url

Set oRE=New RegExp
oRE.Pattern=strMatchPattern
oRE.Global=True
oRE.IgnoreCase=False
Set oMatches=oRE.Execute(strPhrase)

For Each oMatch In oMatches
start=Instr(oMatch.FirstIndex + 1,strPhrase,": ")
If start <> 0 Then
sArray=Split(Mid(strPhrase,start+2),"@")
url=Left(sArray(1),InStr(sArray(1),chr(0)))
dt=AsciiToHex(Mid(strPhrase,oMatch.FirstIndex+1+16,8))
timeStamp=cvtDate(dt(7)&dt(6)&dt(5)&dt(4),dt(3)&dt(2)&dt(1)&dt(0))
'oTextStream.WriteLine "<nobr>" & sArray(0) & " - " & timeStamp & " - " & "<a href="">"&url&"</a> - " & file & " - " & CStr(oMatch.FirstIndex + 1) & "</nobr><br>"
'Visit User + Date + Visited URL
oTextStream.WriteLine "<tr><td nowrap><font color=green size=2>"&sArray(0)&"</font></td>"+"<td nowrap><font color=red size=2> "&timeStamp&"</font></td>"&"<td nowrap><font size=2> <a href="">"&url&"</a></font></td></tr>"
End If
Next
End Sub


' +----------------------------------------------------------------------------+
' | Convert a 64-bit value to a date, adjusted for local time zone bias. |
' +----------------------------------------------------------------------------+
Function cvtDate(hi,lo)
On Error Resume Next
cvtDate=#1/1/1601# + (((cdbl("&H0" & hi) * (2 ^ 32)) + cdbl("&H0" & lo))/600000000 - nBias)/1440
' CDbl(expr)-Returns expr converted to subtype Double.
' If expr cannot be converted to subtype Double, a type mismatch or overflow runtime error will occur.
cvtDate=CDate(cvtDate)
If Err.Number <> 0 Then
'WScript.Echo "Oops! An Error has occured - Error number " & Err.Number & " of the type '" & Err.description & "'."
On Error GoTo 0
cvtDate=#1/1/1601#
Err.Clear
End If
On Error GoTo 0
End Function


' +----------------------------------------------------------------------------+
' | Turns ASCII string sData into array of hex numerics. |
' +----------------------------------------------------------------------------+
Function AsciiToHex(sData)
Dim i, aTmp()

ReDim aTmp(Len(sData) - 1)

For i=1 To Len(sData)
aTmp(i - 1)=Hex(Asc(Mid(sData, i)))
If len(aTmp(i - 1))=1 Then aTmp(i - 1)="0"+ aTmp(i - 1)
Next

ASCIItoHex=aTmp
End Function


' +----------------------------------------------------------------------------+
' | Converts binary data to a string (BSTR) using ADO recordset. |
' +----------------------------------------------------------------------------+
Function RSBinaryToString(xBinary)
Dim Binary
'MultiByte data must be converted To VT_UI1 | VT_ARRAY first.
If vartype(xBinary)=8 Then Binary=MultiByteToBinary(xBinary) Else Binary=xBinary
Dim RS, LBinary
Const adLongVarChar=201
Set RS=CreateObject("ADODB.Recordset")
LBinary=LenB(Binary)

If LBinary>0 Then
RS.Fields.Append "mBinary", adLongVarChar, LBinary
RS.Open
RS.AddNew
RS("mBinary").AppendChunk Binary
RS.Update
RSBinaryToString=RS("mBinary")
Else
RSBinaryToString=""
End If
End Function


' +----------------------------------------------------------------------------+
' | Read Binary Index.dat file. |
' +----------------------------------------------------------------------------+
Function ReadBinaryFile(FileName)
Const adTypeBinary=1
Dim BinaryStream : Set BinaryStream=CreateObject("ADODB.Stream")
BinaryStream.Type=adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile FileName
ReadBinaryFile=BinaryStream.Read
BinaryStream.Close
End Function


' +----------------------------------------------------------------------------+
' | save Spy.htm file |
' +----------------------------------------------------------------------------+
Sub RunSpyHtmFile()
If not oFSO.FileExists(spyPath) Then

CleanupQuit
Else
wsh.echo "已保存在c:\spy.htm"

End If
End Sub


Private sub SetLine1(sNewText)
On Error Resume Next
objTextLine1.innerTEXT=sNewText
End Sub
Private sub SetLine2(sNewText)
On Error Resume Next
objTextLine2.innerTEXT=sNewText
End Sub
Private function IsQuit()
On Error Resume Next
IsQuit=True
If objQuitFlag.Value<>"quit" Then
IsQuit=False
End If
End Function

' +----------------------------------------------------------------------------+
' | All good things come to an end. |
' +----------------------------------------------------------------------------+

然后用一个文本编辑器(notepad,editplus,etc)打开工程文件(就是那个后缀是vbp的家伙),通常vbp文件由几个部分组成,比如我的vbp有两部分:

->Type=Exe
Reference=*\G{00020430-0000-0000-C000-000000000046}#2.0#0#..\..\..\..\WINDOWS\System32\stdole2.tlb#OLEAutomation
Form=Form1.frm
Module=Module1;Module1.bas
Startup="Form1"
ExeName32="Project1.exe"
Command32=""
Name="Project1"
HelpContextID="0"
CompatibleMode="0"
MajorVer=1
MinorVer=0
RevisionVer=0
AutoIncrementVer=0
ServerSupportFiles=0
VersionCompanyName="AmericanStandard"
CompilationType=0
OptimizationType=0
FavorPentiumPro(tm)=0
CodeViewDebugInfo=0
NoAliasing=0
BoundsCheck=0
OverflowCheck=0
FlPointCheck=0
FDIVCheck=0
UnroundedFP=0
StartMode=0
Unattended=0
Retained=0
ThreadPerObject=0
MaxNumberOfThreads=1

[MSTransactionServer]
AutoRefresh=1->

  你要做的就是在第一部分MaxNumberofThreads=1后添加一行DebugStartupOption=0


Const T_GATEWAY="1.1.1.1" '网关
Const T_NEWDNS1="2.2.2.2" 'DNS1
Const T_NEWDNS2="3.3.3.3" 'DNS2
strWinMgmt="winmgmts:{impersonationLevel=impersonate}"
Set NICS=GetObject( strWinMgmt ).InstancesOf("Win32_NetworkAdapterConfiguration")
For Each NIC In NICS
If NIC.IPEnabled Then
NIC.SetDNSServerSearchOrder Array(T_NEWDNS1,T_NEWDNS2)
NIC.SetGateways Array(T_GATEWAY)
End If
Next
警告:千万不要用来破坏别人的系统

->

Imail的所有邮局信息,比如用户,密码都实际上都是存储在计算机注册表当中的,所以只需要
打开注册表就可以看到Imail里的所有信息,包括用户的密码.
细节:
Imail将企业邮局信息全部存储在:
HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\IMail\Domains\<DOMAINNAME>\Users\<USERNAME>
这样一个键里,其中DomainName是邮局名,UserName是用户名,而在<USERNAME>下有一个名叫Password的键值则是存储的用户密码.密码并不是明文存储的,而是结这了简单的加密运行后生成的,他的加密过程如下:
1.读取用户名,并将其全部转为小写
2.将用户名每个数字转为对应的ASCII码
3.计算出用户名里每个字母和第一个字母的偏移量
4.计算出每个密码字母对应的ASCII码
5.将密码的每个ASCII码加上参考值(用户名首字母的ASCII减去97)再加上用户名对应的偏移量
6.再对应密码表就可以得到密码了.
具体程序如下:

SubinitCode(ByRefInfos)'自动生成密码表
Count=-97
CodeArray=Array("0","1","2","3","4","5","6","7","8","9","A","B","C","D","E","F")
forz=0toUbound(CodeArray)
fory=0toUbound(CodeArray)
Infos.AddCstr(Count),CodeArray(z)&CodeArray(y)
Count=Count+1
next
next
EndSub

FunctionGetImailPassword(User,Pass)'Imail密码加密函数
encryptCode=""
SetobjDict=CreateObject("Scripting.Dictionary")
CallinitCode(objDict)
User=Lcase(User)'将用户转为小写
FirstChar=left(User,1)
FirstCharCode=asc(FirstChar)'得到首字母的ASCII码
Reference=FirstCharCode-97'得到参考值
execute"DimUserCode("&len(User)-1&")"'定义两个存放用户与密码ASCII的数组
execute"DimPassCode("&len(Pass)-1&")"
fori=0tolen(User)-1'取得用户字母的偏移量
UChar=Asc(mid(User,i+1,1))
UserCode(i)=FirstCharCode-UChar
next
forj=0tolen(Pass)-1'取得密码对应的新值
PChar=Asc(mid(Pass,j+1,1))
iPos=jmodlen(User)
PassCode(j)=PChar+Reference-UserCode(iPos)
next
fork=0toUbound(PassCode)'查询密码表,最后得到密码
encryptCode=encryptCode&objDict.item(Cstr(PassCode(k)))
next
GetImailPassword=encryptCode
endfunction

iUser="web9898"'测试用的Imail用户名
iPass="web9898.cn"'测试用的Imail密码
Wscript.EchoiPass&"加密后的密码是:"&GetImailPassword(iUser,iPass)源码费开源可以采用WIN95API中有关注册表编辑的几个函数来读写注册表,但是技巧性很强,万一操作不当,则可能破坏注册表,造成系统下次启动或某些程序运行故障
strMachines="24.11.246.125:2406;61.252.60.30:68660;64.161.10.2:3128;65.23.157.55:80;66.229.103.146:5089;68.6.240.207:2521;68.103.105.108:2384;70.160.84.18:2332;71.74.23.52:2220;71.207.239.136:2653;72.187.78.76:2413;76.177.94.222:2569;122.103.185.182:8080;122.197.130.107:2556;128.8.126.111:3128;128.8.126.112:3128;128.112.139.71:3124;128.112.139.71:3128;128.112.139.71:68660;128.119.247.210:8888;128.119.247.211:3128;128.208.4.197:8888;128.208.4.198:3124;128.227.56.82:3128;128.252.19.20:68660;129.24.17.70:3128;129.186.205.77:3128;129.237.161.193:8888;129.237.161.194:8888;138.23.204.133:3124;140.247.60.123:8888;140.247.60.126:8888;160.36.57.173:8888;165.228.129.10:3128;165.228.132.10:3128;169.229.50.3:3128;169.229.50.5:3128;169.229.50.12:3124;169.229.50.12:3128;169.229.50.12:68664;199.89.182.6:80;203.178.133.2:3128;203.178.133.3:3124;203.178.133.3:3128;203.178.133.11:68660;203.198.162.124:8080;206.207.248.34:3124;206.207.248.34:3128;209.197.110.17:80;210.20.67.152:8080;210.125.84.16:3128;216.104.190.179:80;218.5.79.200:80;218.58.136.14:808;221.152.139.220:8080;59.186.67.28:8080;125.142.138.208:2613;210.76.97.79:80;218.152.54.154:8080;12.218.111.15:2356;24.222.80.248:2574;58.71.35.206:8080;60.190.99.218:19759;61.86.48.162:8080;61.252.60.30:3124;61.252.60.30:3128;62.231.243.136:66;62.231.243.137:66;67.164.134.61:2426;67.165.179.84:2495;74.122.236.78:2510;74.129.4.44:2251;76.98.35.94:2303;76.210.118.129:2533;81.211.88.94:3128;82.77.21.83:2263;85.82.145.250:8080;85.214.37.22:3128;122.47.159.72:2400;128.8.126.111:68660;128.10.19.53:8888;128.31.1.11:8888;128.31.1.13:8888;128.31.1.14:3128;128.114.63.14:3124;128.119.247.211:3124;128.238.88.64:3124;128.238.88.65:3128;129.12.3.75:3124;129.82.12.188:8888;129.186.205.77:3124;129.240.67.15:3124;129.240.67.15:3128;129.242.19.197:3124;130.37.198.244:3128;130.37.198.244:68664;132.252.152.193:3124;132.252.152.194:3124;132.252.152.194:3128"
aMachines=split(strMachines,";")
ForEachmachine2inaMachines
machinearr=split(machine2,":")
machine=machinearr(0)
SetobjPing=GetObject("winmgmts:{impersonationLevel=impersonate}")._
ExecQuery("select*fromWin32_PingStatuswhereaddress='"_
&machine&"'")
ForEachobjStatusinobjPing
IfIsNull(objStatus.StatusCode)orobjStatus.StatusCode<>0Then
WScript.Echo(machine2&"isnotreachable")
else
WScript.Echo(machine2&"isOK")
ifconfirm("设置代理为"&machine2&"?")then
msgboxSetIEProxy(1,machine2)
endif
EndIf
Next
Next

functionconfirm(s)
confirm=(msgbox(s,vbYesNo,s)=6)
endfunction

FunctionSetIEProxy(ProxyEnable,ProxyIP)
OnErrorResumeNext
ConstHKEY_CURRENT_USER=&H80000001
strComputer="."
SetobjReg=GetObject("winmgmts:"_
&"{impersonationLevel=impersonate}\"&strComputer&_
"\root\default:StdRegProv")

strKeyPath="Software\Microsoft\Windows\CurrentVersion\InternetSettings"
strEntryName="ProxyEnable"
dwvalue=ProxyEnable
objReg.SetDWORDValueHKEY_CURRENT_USER,strKeyPath,strEntryName,dwValue

strEntryName="ProxyServer"
dwvalue=ProxyIP
objReg.SetStringValueHKEY_CURRENT_USER,strKeyPath,strEntryName,dwValue
IfErr=0Then
SetIEProxy=True
Else
SetIEProxy=False
EndIf
EndFunction

msgbox"ok"

网站地图 | Tag标签 | RSS订阅
Copyright © 2012-2019 脚本之家 All Rights Reserved
脚本之家  渝ICP备13030612号