<>作者:zzzevazzz 来自:http://www.ph4nt0m.org</P>( @# `6 Z( M) z9 p' T, ]
<>XP和2003下的netstat有-o选项,所以可以容易地实现fport。 1 E n% ^9 {0 I3 j9 K! v- \9 N% a" N" l) x5 U
vbs脚本版: . k+ F7 X% e' }6 s3 m" TCodz: & |2 O, @6 f- S9 f1 z$ |7 M
- u1 G' L; l5 i. C( B& I+ J6 lwith new regexp 7 f/ G( o& l5 e0 D) ~0 ?% x( p, T4 W/ ^
.pattern="(..Ps+S+s+S+s+[A-Z]*)s*([0-9]+)" # x( e, w5 ^6 n% G .global=true 4 ~" j: B5 E/ D9 A* w. ]4 p set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall) / |8 E" f/ U! u r& E/ rend with # S& d% t+ t* u2 u3 G2 kfor each ps in getobject("winmgmts:\.\rootcimv2:win32_process").instances_ ! [7 e4 M( W, r, e
f=0 " l$ y" o8 {( u1 O" r for each m in ms # g& ~. d- Y9 x* O! w$ T! T
if m.submatches(1)=ps.handle then 8 x3 r P' Z( _
if f=0 then f=1:wscript.echo ">"&ps.handle&vbtab&ps.name&vbtab&ps.executablepath - E$ \! y4 k. |3 y Z wscript.echo " "&m.submatches(0) " x5 {" c( }9 C* [ end if 6 y& L9 v( [! F# {7 v+ l
next v& n& W4 i, k, H" S! I
next , {7 A% t# m2 d5 }: K J$ {" t; T& Z 2 _- A1 G5 z, C& V3 `0 p# m( i8 L$ H3 R
照例给出echo版,方便在远程shell中使用。6 {& N& J( d+ {1 r
@echo with new regexp:.pattern="(..P\s+\S+\s+\S+\s+[A-Z]*)\s*([0-9]+)":.global=true>fp.vbs1 n; d% s3 s% J/ I, h S% n2 k
@echo set ms=.execute(createobject("wscript.shell").exec("netstat -ano").stdout.readall)>>fp.vbs2 @: L3 `+ C9 d( ~! r7 P! J. l' y
@echo end with:for each ps in getobject("winmgmts:\\.\root\cimv2:win32_process").instances_>>fp.vbs! i7 s& I3 N6 r- T1 ]
@echo f=0:for each m in ms:if m.submatches(1)=ps.handle then _>>fp.vbs * m5 x6 N9 t7 V# C7 `@echo if f=0 then f=1:wscript.echo ">"^&ps.handle^&vbtab^&ps.name^&vbtab^&ps.executablepath:end if:_>>fp.vbs 6 x9 K: l% q b4 {@echo wscript.echo " "^&m.submatches(0):end if:next:next>>fp.vbs # Q8 i8 _3 ^7 C" ~2 S! t@cscript //nologo fp.vbs&del fp.vbs</P>
IP卡
狗仔卡
发表于 2004-11-5 22:57
>作者:zzzevazzz 来自:http://www.ph4nt0m.org</P>( @# `6 Z( M) z9 p' T, ]
转播
淘帖
分享
收藏
支持
反对
微信
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
显身卡
