欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

Rcmd.vbs [Remote Cmd with wmi]远程脚本

程序员文章站 2022-04-10 08:02:57
复制代码 代码如下:on error resume next set outstreem=wscript.stdout if (lcase(right(wscript.fu...
复制代码 代码如下:

on error resume next
set outstreem=wscript.stdout
if (lcase(right(wscript.fullname,11))="wscript.exe") then
set objshell=wscript.createobject("wscript.shell")
objshell.run("cmd.exe /k cscript //nologo "&chr(34)&wscript.scriptfullname&chr(34))
wscript.quit
end if
if wscript.arguments.count<4 then
usage()
wscript.echo "not enough parameters."
wscript.quit
end if

ip=wscript.arguments(0)
username=wscript.arguments(1)
password=wscript.arguments(2)
cmdstr=wscript.arguments(3)
echostr=wscript.arguments(4)
foldername="c:\\windows\\temp\\"

wsh.echo "conneting "&ip&" ...."
set objlocator=createobject("wbemscripting.swbemlocator")
set objswbemservices=objlocator.connectserver(ip,"root/cimv2",username,password)
showerror(err.number)
set win_process=objswbemservices.get("win32_processstartup")
set hide_windows=win_process.spawninstance_
hide_windows.showwindow=12
set rcmd=objswbemservices.get("win32_process")
set colfiles = objswbemservices.execquery _
("select * from cim_datafile where name = '"&foldername&"read.vbs'")
if colfiles.count = 0 then
wsh.echo "not found read.vbs! create now!"
create_read()
end if


if echostr = "0" then
msg=rcmd.create("cmd /c "&cmdstr,null,hide_windows,intprocessid)
else
msg=rcmd.create("cmd /c cscript %windir%\temp\read.vbs """&cmdstr&"""",null,hide_windows,intprocessid)
end if

if msg = 0 then
wsh.echo "command success..."
else
showerror(err.number)
end if

wsh.echo "please wait 3 second ...."
wsh.sleep(3000)
set stdout = wscript.stdout
set oreg=objlocator.connectserver(ip,"root/default",username,password).get("stdregprov")
oreg.getmultistringvalue &h80000002,"software\clients","cmd" ,arrvalues
wsh.echo string(79,"*")
wsh.echo cmdstr&chr(13)&chr(10)
'wsh.echo arrvalues
for each strvalue in arrvalues
stdout.writeline strvalue
next
oreg.deletevalue &h80000002,"software\clients","cmd"

sub create_read()
runyn =rcmd.create("cmd /c echo set ws=wscript.createobject(^""wscript.shell^"")> %windir%\temp\read.vbs"_
&"&&echo str=ws.exec(^""cmd /c ^""^&wscript.arguments(0)).stdout.readall:set ws=nothing>> %windir%\temp\read.vbs"_
&"&&echo set oreg=getobject(^""winmgmts:{impersonationlevel=impersonate}!\\.\root\default:stdregprov^"")>> %windir%\temp\read.vbs"_
&"&&echo oreg.setmultistringvalue ^&h80000002,^""software\clients^"",^""cmd^"",array(str) >> %windir%\temp\read.vbs",null,hide_windows,intprocessid)
if runyn = 0 then
wsh.echo "read.vbs created!!!"
else
showerror(err.number)
end if

end sub

function showerroronly(errornumber)
if errornumber then
wsh.echo "error 0x"&cstr(hex(err.number))&" ."
if err.description <> "" then
wsh.echo "error description: "&err.description&"."
end if
wscript.quit
else
outstreem.write "."
end if
end function


sub usage()
wsh.echo string(79,"*")
wsh.echo "rcmd v1.01 by netpatch"
wsh.echo "usage:"
wsh.echo "cscript "&wscript.scriptfullname&" targetip username password command"
wsh.echo "cscript "&wscript.scriptfullname&" targetip username password command 0 //no echo"
wsh.echo string(79,"*")&vbcrlf
end sub