远程或本地获取系统信息的脚本RGIS.vbs |
|
******************************************************************************* RGIS v1.03 Remote Get Infomation Script, by zzzEVAzzz Welcome to visite www.isgrey.com & www.h4h4.com Usage: cscript rgis.vbs [/r targetIP username password] [/o filename] [/v] [/a] [/h] /r: remote get info. /o: output to file. /v: get more infomation. /a: get applications infomation. /h: show usage. ******************************************************************************* 描述:远程或本地获取系统信息的脚本 。 特点:不依赖于目标的ipc$开放与否 。 原理:直接访问目标的windows管理规范服务(WMI) 。 支持平台:win2kpro win2kserver winxp 使用方法: 在命令行方式下使用windows自带的脚本宿主程序cscript.exe调用脚本,例如: c:\>cscript rgis.vbs [/r 目标IP 用户名 密码] [/o 输出文件] [/v] [/a] [/h] 参数都是可选的 。 /r 用于远程获得信息 。空密码用""表示 。 /o 加输出文件路径和名字,如文件不存在则自动新建,如存在则添加信息在末尾 。 /v 获取详细信息 。 /a 获取应用程序信息 。 /h 显示Usage 。 不加参数则显示本地信息 。 脚本访问的目标的135端口,如果目标135端口未开放,或者WMI服务关闭,那么脚本无法使用 。 另外,网络不是很好时,可能会等待较多的时间 。 有问题和建议请到 灰色轨迹论坛 或 H4网络安全论坛 发短消息给我 。我的ID是zzzevazzz 最后更新:2002-12-7 更新记录: 1.03 增加获得应用程序信息的功能 1.02 增加获得HotFix和端口过滤简单信息的功能 1.01 增加输出到文件的功能 1.00 最初版本 复制代码 代码如下: if (lcase(right(wscript.fullname,11))="wscript.exe") then set objshell=wscript.createobject("wscript.shell") objshell.run("cmd.exe /k cscript //nologo "&chr(34)&wscript.scriptfullname&chr(34)) wscript.quit end if with wscript.arguments if .count>0 then ipaddress="." outfile="" username="" password="" viewtype=0 program=0 for arg=0 to .count-1 select case left(lcase(.item(arg)),2) case "/h","/?","\h","\?" usage() wscript.quit case "/r","\r" if arg+3<=.count-1 then ipaddress=.item(arg+1) username=.item(arg+2) password=.item(arg+3) else wscript.echo "Arguments Error!"&vbcrlf usage() wscript.quit end if case "/v","\v" viewtype=1 case "/o","\o" outfile=.item(arg+1) case "/a","\a" program=1 end select next end if end with on error resume next if outfile<>"" then set fs=createobject("scripting.filesystemobject") showerr() set of=fs.opentextfile(outfile,8,true) showerr() end if wscript.echo "Getting Infomation...."&vbcrlf set objlocator=createobject("wbemscripting.swbemlocator") showerr() set objswb=objlocator.connectserver(ipaddress,"root/cimv2",username,password) showerr() on error goto 0 set obj1=objget("win32_computersystem") set obj2=objget("win32_operatingsystem") set col3=objswb.instancesof("win32_processor") set obj4=objget("win32_logicalmemoryconfiguration") set obj5=objget("win32_bios") set obj6=objget("win32_displayconfiguration") set col7=objswb.instancesof("win32_diskdrive") set col8=objswb.instancesof("win32_logicaldisk") set col9=objswb.instancesof("win32_networkadapterconfiguration") set col10=objswb.instancesof("win32_quickfixengineering") if program=1 then set objswb1=objlocator.connectserver(ipaddress,"root/default",username,password) set obj11=objswb1.get("stdregprov") end if wnl "OS Info :" wnl " Computer Name : "&obj1.name wnl " User Name : "&obj1.username wnl " Domain : "&obj1.domain domainrole="" select case obj1.domainrole case 0 domainrole="Workstation" case 1 domainrole="Member Workstation" case 2 domainrole="Server" case 3 domainrole="Member Server" case 4 domainrole="Backup Domain Controller" case 5 domainrole="Main Domain Controller" end select with obj2 wnl " Domain Role : "&domainrole wnl " Caption : "&.caption wnl " Organization : "&.organization wnl " Registered User : "&.registereduser wnl " Install Date : "&timeformat(.installdate) wnl " Last BootUp Time : "&timeformat(.lastbootuptime) wnl " Windows Directory : "&.windowsdirectory if viewtype=1 then wnl " System Directory : "&.systemdirectory wnl " Boot Device : "&.bootdevice wnl " Country Code : "&.countrycode wnl " CSName : "&.csname wnl " Description : "&.description wnl " Manufacturer : "&.manufacturer wnl " Serial Number : "&.serialnumber wnl " Version : "&.version wnl " System Type : "&obj1.systemtype wnl " System Startup Delay : "&obj1.systemstartupdelay&"s" wnl " System Startup Options : "&obj1.systemstartupoptions(0) for i=1 to ubound(obj1.systemstartupoptions) wnl space(28)&obj1.systemstartupoptions(i) next end if end with wnl vbcrlf&"Processor Info :" wnl " Number Of Processors : "&obj1.numberofprocessors for each obj3 in col3 with obj3 wnl " Device ID : "&.deviceid wnl " Name : "&.name wnl " Current Clock Speed : "&.currentclockspeed&"MHz" wnl " Description : "&.description if viewtype=1 then wnl " Ext Clock : "&.extclock&"MHz" wnl " L2 Cache Size : "&.l2cachesize&"KB" wnl " L2 Cache Speed : "&.l2cachespeed&"MHz" wnl " Processor Id : "&.processorid wnl " Manufacturer : "&.manufacturer wnl " Socket Designation : "&.socketdesignation wnl " Address Width : "&.addresswidth&"Bit" wnl " Data Width : "&.datawidth&"Bit" end if end with next with obj4 wnl vbcrlf&"Memory Info :" wnl " Total Physical Memory : "&cint(.totalphysicalmemory/1024)&"MB" wnl " Free Physical Memory : "&cint(obj2.freephysicalmemory/1024)&"MB" if viewtype=1 then wnl " Total PageFile Space : "&cint(.totalpagefilespace/1024)&"MB" wnl " Total Virtual Memory : "&cint(.totalvirtualmemory/1024)&"MB" wnl " Available Virtual Memory : "&cint(.availablevirtualmemory/1024)&"MB" end if end with if viewtype=1 then wnl vbcrlf&"BIOS Info :" wnl " Description : "&obj5.description wnl " Current Language : "&obj5.currentlanguage wnl " Version : "&obj5.version wnl " Manufacturer : "&obj5.manufacturer end if with obj6 wnl vbcrlf&"Display Configuration :" wnl " Caption : "&.caption if viewtype=1 then wnl " Device Name : "&.devicename wnl " Driver Version : "&.driverversion end if wnl " Display Frequency : "&.displayfrequency&"Hz" wnl " Bits Per Pel : "&.bitsperpel&"Bit" wnl " Pels : "&.pelswidth&" x "&.pelsheight end with wnl vbcrlf&"Disk Info :" for each obj7 in col7 with obj7 wnl " DeviceID : "&.deviceid wnl " Caption : "&.caption wnl " Interface Type : "&.interfacetype if viewtype=1 then wnl " SCSI Bus : "&.scsibus wnl " SCSI Logical Unit : "&.scsilogicalunit wnl " SCSI Port : "&.scsiport wnl " SCSI TargetId : "&.scsitargetid wnl " Sectors Per Track : "&.sectorspertrack&"KB" end if wnl " Partitions : "&.partitions wnl " Size : "&sizeformat(.size) end with next str=" Volume"+space(2)+"Type"+space(8)+"Format"+space(4) str=str+"Size"+space(6)+"Free"+space(12)+"Label" wnl str for each obj8 in col8 with obj8 drivetype="" select case .drivetype case 0 drivetype="Unknow" case 1 drivetype="NoRootDir" case 2 drivetype="Removable" case 3 drivetype="Fixed" case 4 drivetype="Network" case 5 drivetype="CD-ROM" case 6 drivetype="RAM" end select strpercent="" if .size<>"" and .freespace<>"" then strpercent=" ("&formatpercent(.freespace/.size,0)&")" end if str=" "&wsp(.caption,8)&wsp(drivetype,12)&wsp(.filesystem,10)&wsp(sizeformat(.size),10) str=str&wsp(sizeformat(.freespace)&strpercent,16)&.volumename wnl str end with next wnl vbcrlf&"NIC Informaton :" for each obj9 in col9 with obj9 if .IPEnabled then wnl " Index : "&.index wnl " Description : "&.description if viewtype=1 then wnl " DHCP Enabled : "&.dhcpenabled wnl " DHCP Server : "&.dhcpserver wnl " DNS Host Name : "&.dnshostname wnl " DNS Server Search Order : "&wfl(.dnsserversearchorder) wnl " WINS Primary Server : "&.winsprimaryserver end if wnl " IP Address : "&wfl(.ipaddress) wnl " MAC Address : "&.macaddress wnl " Default IP Gateway : "&wfl(.defaultipgateway) wnl " IP Subnet : "&wfl(.ipsubnet) if viewtype=1 then wnl " IP Filter Security Enabled : "&.ipfiltersecurityenabled wnl " IPSec Permit IP Protocols : "&wfl(.ipsecpermitipprotocols) wnl " IPSec Permit TCP Ports : "&wfl(.ipsecpermittcpports) wnl " IPSec Permit UDP Ports : "&wfl(.ipsecpermitudpports) end if end if end with next if viewtype=1 then wnl vbcrlf&"Hot Fixes Info :" for each obj10 in col10 wnl " Hot Fix ID : "&obj10.hotfixid wnl " Fix Comments : "&obj10.fixcomments wnl " Install Date : "&obj10.installdate wnl " Service Pack In Effect : "&obj10.servicepackineffect next end if if program=1 then wnl vbcrlf&"Applications :" HKLM=&h80000002 keypath="SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\" obj11.enumkey HKLM,keypath,keyarray redim str(ubound(keyarray)+1) j=0 for i=0 to ubound(keyarray) obj11.getstringvalue HKLM,keypath+keyarray(i),"displayname",strvalue if strvalue<>"" then str(j)=strvalue j=j+1 end if next if j>1 then for i=0 to j-1 for k=0 to j-i-1 if strcomp(str(k),str(k+1),1)=1 then strtemp=str(k+1) str(k+1)=str(k) str(k)=strtemp end if next next end if for i=0 to j-1 wnl " "&str(i) next end if sub showerr() if err.number then wscript.echo "Error 0x"&cstr(hex(err.number))&" ." if err.description<>"" then wscript.echo "Error description: "&err.description&"." end if wscript.quit end if end sub sub wnl(msg) wscript.echo msg if isobject(of) then on error resume next of.writeline msg showerror() on error goto 0 end if end sub function wfl(byref obj) str="" for i=0 to ubound(obj) str=str&obj(i)&" " next wfl=str end function function wsp(msg,num) if msg<>"" then msg=left(msg,num-1) wsp=msg&space(num-len(msg)) else wsp=space(num) end if end function function timeformat(msg) timeformat=left(msg,4)&"/"&mid(msg,5,2)&"/"&mid(msg,7,2)&" "&mid(msg,9,2)&":"&mid(msg,11,2)&":"&mid(msg,13,2) end function function sizeformat(msg) if msg<>"" then size=msg/1048576 if size>1024 then sizeformat=round(size/1024,2)&"GB" else sizeformat=round(size,1)&"MB" end if end if end function function objget(msg) set col=objswb.instancesof(msg) for each objx in col set obj=objx next set objget=obj end function function usage() wscript.echo string(79,"*") wscript.echo "RGIS v1.03" wscript.echo "Remote Get Infomation Script, by zzzEVAzzz" wscript.echo "Welcome to visite www.isgrey.com & www.h4h4.com" wscript.echo "Usage:" wscript.echo "cscript rgis.vbs [/r targetIP username password] [/o filename] [/v] [/a] [/h]" wscript.echo "/r: remote get info." wscript.echo "/o: output to file." wscript.echo "/v: get more infomation." wscript.echo "/a: get applications infomation." wscript.echo "/h: show usage." wscript.echo string(79,"*")&vbcrlf end function |
