Rcmd.vbs [Remote Cmd with wmi]远程脚本
2016-07-18来源:

代码如下:

' Rcmd.vbs start-up: error policy, host check and argument-count check.
' "On Error Resume Next" stays in force for the whole top-level script, so any
' runtime error below is skipped silently unless Err is inspected explicitly.
On Error Resume Next

' Handle to the console output stream; showerroronly() writes progress dots to it.
Set outstreem=Wscript.stdout

' Intended to relaunch the script under cscript.exe when started from wscript.exe.
' NOTE(review): LCase() yields an all-lowercase string but the literal has a
' capital "W", so this comparison looks like it can never be true - confirm.
If (LCase(Right(Wscript.fullname,11))="Wscript.exe") Then

Set objShell=Wscript.CreateObject("Wscript.shell")

objShell.Run("cmd.exe /k cscript //nologo "&Chr(34)&Wscript.ScriptFullName&Chr(34))

Wscript.Quit

End If

' Four positional arguments are required (target, user, password, command).
' A fifth, optional argument is read later as the "no echo" switch.
If Wscript.arguments.Count<4 Then

usage()

Wscript.echo "Not enough Parameters."

Wscript.Quit

End If

' Read the positional arguments and open the remote WMI session.
' Defender note: the account name and password are taken in clear text from the
' command line (arguments 1 and 2), so they are exposed to anything that records
' process command lines on the host where this script is run.
ip=Wscript.arguments(0)

username=Wscript.arguments(1)

password=Wscript.arguments(2)

CmdStr=Wscript.arguments(3)

' Index 4 is optional. With only four arguments this read fails and, because of
' On Error Resume Next, EchoStr is simply left unset.
EchoStr=Wscript.arguments(4)

' Folder used in the WQL file query below. The doubled backslashes are kept
' literally by VBScript; presumably they are there because WQL string literals
' need backslashes escaped - confirm.
foldername="c:\\windows\\temp\\"

wsh.echo "Conneting "&ip&" ...."

Set objlocator=CreateObject("wbemscripting.swbemlocator")

' Remote connection to the root/cimv2 namespace with the supplied credentials.
Set objswbemservices=objlocator.connectserver(ip,"root/cimv2",username,password)

' NOTE(review): no procedure named "showerror" is defined in this listing (only
' showerroronly is). Under On Error Resume Next the call would fail silently,
' so a failed connection is presumably not reported here - confirm.
showerror(err.number)

' Startup configuration object passed to every Win32_Process.Create call below.
Set Win_Process=objswbemservices.Get("Win32_ProcessStartup")

Set Hide_Windows=Win_Process.SpawnInstance_

' Presumably meant to keep the spawned window out of sight (see variable name);
' the exact meaning of the value 12 is not established by this listing.
Hide_Windows.ShowWindow=12

' Win32_Process class object on the target; its Create method starts processes there.
Set Rcmd=objswbemservices.Get("Win32_Process")

' Make sure the helper script exists on the target, then start the command.
' Artifacts a defender can look for on the target, all visible in this block:
'   - a file read.vbs under %windir%\temp
'   - a process created through WMI Win32_Process.Create whose command line
'     starts with "cmd /c" (and, in echo mode, "cscript %windir%\temp\read.vbs")
'   - such processes are typically children of the WMI provider host rather than
'     of an interactive shell - verify against local telemetry.

' Ask the target whether <foldername>read.vbs already exists.
Set colFiles = objswbemservices.ExecQuery _

("Select * from CIM_Datafile Where Name = '"&foldername&"read.vbs'")

If colFiles.Count = 0 Then

wsh.echo "Not found read.vbs! Create Now!"

Create_read()

End If

' EchoStr = "0": run the command directly, output is not captured.
' Anything else (including the switch being absent): run it through read.vbs,
' which stores the command's output where the code further down can fetch it.
' CmdStr is concatenated into the command line as given, without escaping.
If EchoStr = "0" Then

msg=Rcmd.create("cmd /c "&CmdStr,Null,Hide_Windows,intProcessID)

Else

msg=Rcmd.create("cmd /c cscript %windir%\temp\read.vbs """&CmdStr&"""",Null,Hide_Windows,intProcessID)

End If

' A return value of 0 from Create is treated as success.
If msg = 0 Then

wsh.echo "Command success..."

Else

' NOTE(review): this passes Err.Number, not the Create return code in msg, to
' "showerror", which is not defined in this listing - confirm intended behavior.
showerror(Err.Number)

End If

' Fixed 3-second wait before the output is read back; there is no check that
' the remote command has actually finished.
wsh.echo "Please Wait 3 Second ...."

wsh.sleep(3000)

' Fetch the command output from the target's registry, print it, then remove it.
' Defender note: the output channel is a multi-string value named "cmd" under
' SOFTWARE\Clients in hive &H80000002 (HKEY_LOCAL_MACHINE), written by read.vbs
' and deleted at the end of this block. Registry auditing on that key is a
' detection point. Nothing in this listing deletes read.vbs itself, so the file
' is left behind in %windir%\temp.

' Second handle to the console output stream (outstreem already refers to it).
Set StdOut = Wscript.StdOut

' New remote connection, this time to root/default, to reach the registry provider.
Set oReg=objlocator.connectserver(ip,"root/default",username,password).Get("stdregprov")

oReg.GetMultiStringValue &H80000002,"SOFTWARE\Clients","cmd" ,arrValues

wsh.echo String(79,"*")

wsh.echo cmdstr&Chr(13)&Chr(10)

'wsh.echo arrvalues

' If the value was not present (for example the command was still running after
' the fixed wait, or "no echo" mode was used), arrValues is presumably not an
' array and this loop fails silently under On Error Resume Next - confirm.
For Each strValue In arrValues

StdOut.WriteLine strValue

Next

' Remove the registry value that carried the output.
oReg.DeleteValue &H80000002,"SOFTWARE\Clients","cmd"

' Create_read: writes the helper script %windir%\temp\read.vbs on the target.
' Uses the script-level objects Rcmd (Win32_Process) and Hide_Windows (startup
' configuration); takes no parameters and returns nothing.
' The file is assembled by one remote "cmd /c" process from a chain of echo
' redirections. As written, the generated script:
'   1. creates a WScript.Shell object,
'   2. runs "cmd /c " followed by its first argument and reads all of its stdout,
'   3. connects to the local StdRegProv in root\default, and
'   4. stores that output as the multi-string value "cmd" under
'      SOFTWARE\Clients in hive &H80000002 (HKEY_LOCAL_MACHINE).
' Defender note: a WMI-spawned "cmd /c echo ... > %windir%\temp\read.vbs"
' command line and the resulting file are both observable on the target.
Sub Create_read()

RunYN =Rcmd.create("cmd /c echo set ws=WScript.CreateObject(^""WScript.Shell^"")> %windir%\temp\read.vbs"_

&"&&echo str=ws.Exec(^""cmd /c ^""^&wscript.arguments(0)).StdOut.ReadAll:set ws=nothing>> %windir%\temp\read.vbs"_

&"&&echo Set oReg=GetObject(^""winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv^"")>> %windir%\temp\read.vbs"_

&"&&echo oReg.SetMultiStringValue ^&H80000002,^""SOFTWARE\Clients^"",^""cmd^"",Array(str) >> %windir%\temp\read.vbs",Null,Hide_Windows,intProcessID)

' 0 from Create only means the process was started; whether the file was
' written correctly is not verified here.
If RunYN = 0 Then

wsh.echo "read.vbs Created!!!"

Else

' NOTE(review): "showerror" is not defined in this listing - confirm.
showerror(Err.Number)

End If

End Sub

' showerroronly: report an error and stop, or print a progress dot.
'   errornumber - value tested for "non-zero"; it only selects the branch.
' The text that is printed comes from the global Err object (Err.Number and
' Err.Description), not from the parameter. No return value is assigned.
' NOTE(review): nothing in this listing calls showerroronly; the call sites use
' the name "showerror" instead - confirm which name was intended.
Function showerroronly(errornumber)

If errornumber Then

wsh.echo "Error 0x"&CStr(Hex(Err.Number))&" ."

If Err.Description <> "" Then

wsh.echo "Error Description: "&Err.Description&"."

End If

' Abort the whole script after reporting the error.
Wscript.Quit

Else

' No error: emit a single dot on the console stream opened at script start.
outstreem.Write "."

End If

End Function

' usage: prints the banner and the two supported invocation forms.
' The first form captures and prints the remote command's output; the second
' adds a trailing 0 to skip output capture.
' Note that both forms take the account password as a plain command-line argument.
Sub usage()

wsh.echo string(79,"*")

wsh.echo "Rcmd v1.01 by NetPatch"

wsh.echo "Usage:"

wsh.echo "cscript "&wscript.scriptfullname&" targetIP username password Command"

wsh.echo "cscript "&wscript.scriptfullname&" targetIP username password Command 0 //No echo"

wsh.echo string(79,"*")&vbcrlf

end Sub
