来源:zzzevazzz’s blog
XP/2003的netstat有”-o”选项,所以很容易用脚本实现fport的功能。
with new regexp .pattern="(..P/s+/S+/s+/S+/s+[A-Z]*)/s*([0-9]+)" .global=true set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall) end with for each ps in getobject("winmgmts://./root/cimv2:win32_process").instances_ f=0 for each m in ms if m.submatches(1)=ps.handle then if f=0 then f=1 s=s&">"&ps.handle&vbtab&ps.name&vbtab&ps.executablepath&vbcrlf end if s=s&" "&m.submatches(0)&vbcrlf end if next next wscript.echo s照例给出echo版,方便在远程shell中使用:
@echo with new regexp:.pattern="(..P/s+/S+/s+/S+/s+[A-Z]*)/s*([0-9]+)":.global=true:set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall):end with:for each ps in getobject("winmgmts://./root/cimv2:win32_process").instances_:f=0:for each m in ms:if m.submatches(1)=ps.handle then if f=0 then wscript.echo ">"^&ps.handle^&vbtab^&ps.name^&vbtab^&ps.executablepath:f=1:end if:wscript.echo " "^&m.submatches(0):end if:next:next>fp.vbs&@cscript //nologo fp.vbs&del fp.vbs免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论