2005-12-09 18:50:01 by: h4x0r
fport.vbs for XP/2003
XP/2003的netstat有"-o"选项,所以很容易用脚本实现fport的功能。
Comments Feed: http://www.4evil.org/feed.asp?q=comment&id=322
with new regexp
.pattern="(..P\s+\S+\s+\S+\s+[A-Z]*)\s*([0-9]+)"
.global=true
set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall)
end with
for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_
f=0
for each m in ms
if m.submatches(1)=ps.handle then
if f=0 then
f=1
s=s&">"&ps.handle&vbtab&ps.name&vbtab&ps.executablepath&vbcrlf
end if
s=s&" "&m.submatches(0)&vbcrlf
end if
next
next
wscript.echo s
照例给出echo版,方便在远程shell中使用:.pattern="(..P\s+\S+\s+\S+\s+[A-Z]*)\s*([0-9]+)"
.global=true
set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall)
end with
for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_
f=0
for each m in ms
if m.submatches(1)=ps.handle then
if f=0 then
f=1
s=s&">"&ps.handle&vbtab&ps.name&vbtab&ps.executablepath&vbcrlf
end if
s=s&" "&m.submatches(0)&vbcrlf
end if
next
next
wscript.echo s
@echo with new regexp:.pattern="(..P\s+\S+\s+\S+\s+[A-Z]*)\s*([0-9]+)":.global=true:set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall):end with:for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_:f=0:for each m in ms:if m.submatches(1)=ps.handle then if f=0 then wscript.echo ">"^&ps.handle^&vbtab^&ps.name^&vbtab^&ps.executablepath:f=1:end if:wscript.echo " "^&m.submatches(0):end if:next:next>fp.vbs&@cscript //nologo fp.vbs&del fp.vbs
Comments Feed: http://www.4evil.org/feed.asp?q=comment&id=322
There is no comment on this article.
