Rcmd.vbs [Remote Cmd with WMI] remote script

The code is as follows:

On Error Resume Next
Set outstreem=Wscript.stdout
' If started under wscript.exe (GUI host), relaunch under cscript in a console.
If (LCase(Right(Wscript.fullname,11))="wscript.exe") Then
    Set objShell=Wscript.CreateObject("Wscript.shell")
    objShell.Run("cmd.exe /k cscript //nologo "&Chr(34)&Wscript.ScriptFullName&Chr(34))
    Wscript.Quit
End If
If Wscript.arguments.Count<4 Then
    usage()
    Wscript.echo "Not enough Parameters."
    Wscript.Quit
End If

ip=Wscript.arguments(0)
username=Wscript.arguments(1)
password=Wscript.arguments(2)
CmdStr=Wscript.arguments(3)
' Optional fifth argument: "0" runs the command without returning its output.
EchoStr=""
If Wscript.arguments.Count>4 Then EchoStr=Wscript.arguments(4)
' Backslashes are doubled because this path is used inside a WQL query.
foldername="c:\\windows\\temp\\"

' Connect to the WMI service on the target with the supplied credentials.
wsh.echo "Connecting "&ip&" ...."
Set objlocator=CreateObject("wbemscripting.swbemlocator")
Set objswbemservices=objlocator.connectserver(ip,"root/cimv2",username,password)
showerror(err.number)
' Startup settings for the remote process (window state).
Set Win_Process=objswbemservices.Get("Win32_ProcessStartup")
Set Hide_Windows=Win_Process.SpawnInstance_
Hide_Windows.ShowWindow=12
Set Rcmd=objswbemservices.Get("Win32_Process")
' Check whether the helper script already exists on the target.
Set colFiles = objswbemservices.ExecQuery _
    ("Select * from CIM_Datafile Where Name = '"&foldername&"read.vbs'")
If colFiles.Count = 0 Then
    wsh.echo "Not found read.vbs! Create Now!"
    Create_read()
End If

' "0": run the command directly. Otherwise run it through read.vbs,
' which captures the output and stores it in the target's registry.
If EchoStr = "0" Then
    msg=Rcmd.create("cmd /c "&CmdStr,Null,Hide_Windows,intProcessID)
Else
    msg=Rcmd.create("cmd /c cscript %windir%\temp\read.vbs """&CmdStr&"""",Null,Hide_Windows,intProcessID)
End If

' Win32_Process.Create returns 0 on success.
If msg = 0 Then
    wsh.echo "Command success..."
Else
    wsh.echo "Win32_Process.Create failed, return code "&msg&"."
End If

' Give the remote command time to finish, then read the captured output
' back from HKLM\SOFTWARE\Clients (value "cmd") and delete the value.
wsh.echo "Please wait 3 seconds ...."
wsh.sleep(3000)
Set StdOut = Wscript.StdOut
Set oReg=objlocator.connectserver(ip,"root/default",username,password).Get("stdregprov")
oReg.GetMultiStringValue &H80000002,"SOFTWARE\Clients","cmd" ,arrValues
wsh.echo String(79,"*")
wsh.echo cmdstr&Chr(13)&Chr(10)
'wsh.echo arrvalues
For Each strValue In arrValues
    StdOut.WriteLine strValue
Next
oReg.DeleteValue &H80000002,"SOFTWARE\Clients","cmd"

' Writes %windir%\temp\read.vbs on the target. The helper runs its first
' argument through cmd /c, reads the output, and stores it as a multi-string
' value named "cmd" under HKLM\SOFTWARE\Clients.
Sub Create_read()
    RunYN =Rcmd.create("cmd /c echo set ws=WScript.CreateObject(^""WScript.Shell^"")> %windir%\temp\read.vbs"_
    &"&&echo str=ws.Exec(^""cmd /c ^""^&wscript.arguments(0)).StdOut.ReadAll:set ws=nothing>> %windir%\temp\read.vbs"_
    &"&&echo Set oReg=GetObject(^""winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv^"")>> %windir%\temp\read.vbs"_
    &"&&echo oReg.SetMultiStringValue ^&H80000002,^""SOFTWARE\Clients^"",^""cmd^"",Array(str) >> %windir%\temp\read.vbs",Null,Hide_Windows,intProcessID)
    If RunYN = 0 Then
        wsh.echo "read.vbs Created!!!"
    Else
        wsh.echo "Creating read.vbs failed, return code "&RunYN&"."
    End If
End Sub

' Prints the pending error and quits, or prints a progress dot if there is none.
Function showerror(errornumber)
    If errornumber Then
        wsh.echo "Error 0x"&CStr(Hex(Err.Number))&" ."
        If Err.Description <> "" Then
            wsh.echo "Error Description: "&Err.Description&"."
        End If
        Wscript.Quit
    Else
        outstreem.Write "."
    End If
End Function

Sub usage()
    wsh.echo string(79,"*")
    wsh.echo "Rcmd v1.01 by NetPatch"
    wsh.echo "Usage:"
    wsh.echo "cscript "&wscript.scriptfullname&" targetIP username password Command"
    wsh.echo "cscript "&wscript.scriptfullname&" targetIP username password Command 0 //No echo"
    wsh.echo string(79,"*")&vbcrlf
End Sub
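
On the target, the script above leaves a recognizable trail: WmiPrvSE.exe spawning cmd /c, a helper written to and run from %windir%\temp\read.vbs, and command output staged in the registry value HKLM\SOFTWARE\Clients\cmd. The detection logic below is an added example, not part of the original page; the event records are constructed and their field names are assumptions.

```python
import re

# Constructed sample events (not real telemetry); field names are assumed,
# loosely modeled on process-creation (id 1) and registry-set (id 13) records.
WMI = r"C:\Windows\System32\wbem\WmiPrvSE.exe"
CMD = r"C:\Windows\System32\cmd.exe"
SAMPLE_EVENTS = [
    {"id": 1, "host": "srv01", "parent": WMI, "image": CMD,
     "cmdline": r"cmd /c echo set ws=...> %windir%\temp\read.vbs"},
    {"id": 1, "host": "srv01", "parent": WMI, "image": CMD,
     "cmdline": r'cmd /c cscript %windir%\temp\read.vbs "ipconfig /all"'},
    {"id": 13, "host": "srv01", "image": r"C:\Windows\System32\cscript.exe",
     "target": r"HKLM\SOFTWARE\Clients\cmd"},
    {"id": 1, "host": "ws07", "parent": r"C:\Windows\explorer.exe",
     "image": CMD, "cmdline": "cmd.exe"},
    {"id": 13, "host": "ws07", "image": r"C:\Program Files\Mail\mail.exe",
     "target": r"HKLM\SOFTWARE\Clients\Mail\(Default)"},
]

WMI_PARENT = re.compile(r"\\wmiprvse\.exe$", re.I)
HELPER_DROP = re.compile(r">\s*\S*\\temp\\read\.vbs", re.I)   # echo ... > read.vbs
HELPER_RUN = re.compile(r"cscript\S*\s+\S*\\temp\\read\.vbs", re.I)
CMD_SLASH_C = re.compile(r"^\s*cmd(\.exe)?\s+/c\b", re.I)
REG_VALUE = re.compile(r"^HKLM\\SOFTWARE\\Clients\\cmd$", re.I)

def classify(event):
    """Return a finding label for one event, or None if it looks unrelated."""
    if event["id"] == 1 and WMI_PARENT.search(event.get("parent", "")):
        cmd = event.get("cmdline", "")
        if HELPER_DROP.search(cmd):
            return "helper-drop"
        if HELPER_RUN.search(cmd):
            return "helper-run"
        if CMD_SLASH_C.search(cmd):
            return "wmi-cmd"          # the "no echo" path: cmd /c <command>
    if event["id"] == 13 and REG_VALUE.search(event.get("target", "")):
        return "output-staging"       # command output parked in the registry
    return None

def detect(events):
    """Group finding labels by host, preserving event order."""
    findings = {}
    for ev in events:
        label = classify(ev)
        if label:
            findings.setdefault(ev["host"], []).append(label)
    return findings

if __name__ == "__main__":
    for host, labels in detect(SAMPLE_EVENTS).items():
        print(host, labels)
```

The wmi-cmd label alone also matches other WMI-based management tooling, so treat it as a triage hint; the read.vbs and registry findings are specific to this script.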
