*******************************************************************************
RGIS v1.03
Remote get infomation Script, by zzzevazzz
Welcome to visite www.isgrey.com & www.h4h4.com
Usage:
cscript Rgis.vbs [/R targetip username password] [/o filename] [v] [a] [/h]
/r:remote Get info.
/o:output to file.
/v:get more infomation.
/a:get applications infomation.
/h:show usage.
*******************************************************************************
Description: A script that obtains system information remotely or locally.
Features: ipc$ open or not dependent on the target.
Rationale: Direct access to the target Windows Management Specification service (WMI).
Support platform: Win2kpro win2kserver winxp
How to use:
Use the script Host program cscript.exe with Windows from the command-line to invoke the script, for example:
C:\>cscript Rgis.vbs [/R destination IP username password] [/o output FILE] [/v] [/a] [/h]
The parameters are optional.
/R is used to remotely obtain information. The empty password is indicated by "".
/o plus the output file path and name, such as the file does not exist automatically new, if there is to add information at the end.
/V to get more information.
/a Get application information.
/h display usage.
The local information is displayed without arguments.
The script accesses the 135 port of the target, if the target 135 port is not open, or the WMI service shuts down, then the script cannot be used.
In addition, the network is not very good, may wait for more time.
Have questions and suggestions please send me a short message to the Grey Track Forum or H4 network security forum. My id is zzzevazzz.
Last Updated: 2002-12-7
Update records:
1.03 increase the ability to get application information
1.02 increase the ability to get hotfix and port filtering simple information
1.01 increase output to file function
1.00 Initial version
Copy Code code as follows:
if (LCase right (wscript.fullname,11) = "Wscript.exe") Then
Set Objshell=wscript.createobject ("Wscript.Shell")
Objshell.run ("cmd.exe/k cscript//nologo" &CHR (34))
Wscript.Quit
End If
With WScript.Arguments
If. Count>0 Then
Ipaddress= "."
Outfile= ""
Username= ""
Password= ""
Viewtype=0
Program=0
For arg=0 to. count-1
Select Case Left (LCase (. Item (ARG)), 2
Case "/h", "/?", "\h", "\?"
Usage ()
Wscript.Quit
Case "/R", "\ r"
If Arg+3<=.count-1 Then
Ipaddress=.item (arg+1)
Username=.item (arg+2)
Password=.item (arg+3)
Else
WScript.Echo "Arguments error!" &vbcrlf
Usage ()
Wscript.Quit
End If
Case "V", "\v"
Viewtype=1
Case "O", "\o"
Outfile=.item (arg+1)
Case "/A", "\a"
Program=1
End Select
Next
End If
End With
On Error Resume Next
If outfile<> "" Then
Set Fs=createobject ("Scripting.FileSystemObject")
Showerr ()
Set Of=fs.opentextfile (outfile,8,true)
Showerr ()
End If
WScript.Echo "Getting infomation ..." &vbcrlf
Set Objlocator=createobject ("WbemScripting.SWbemLocator")
Showerr ()
Set Objswb=objlocator.connectserver (IPAddress, "root/cimv2", Username,password)
Showerr ()
On Error Goto 0
Set Obj1=objget ("Win32_ComputerSystem")
Set Obj2=objget ("Win32_OperatingSystem")
Set Col3=objswb.instancesof ("Win32_Processor")
Set Obj4=objget ("Win32_LogicalMemoryConfiguration")
Set Obj5=objget ("Win32_BIOS")
Set Obj6=objget ("Win32_displayconfiguration")
Set Col7=objswb.instancesof ("Win32_DiskDrive")
Set Col8=objswb.instancesof ("Win32_LogicalDisk")
Set Col9=objswb.instancesof ("Win32_NetworkAdapterConfiguration")
Set Col10=objswb.instancesof ("Win32_QuickFixEngineering")
If Program=1 Then
Set Objswb1=objlocator.connectserver (IPAddress, "Root/default", Username,password)
Set Obj11=objswb1.get ("StdRegProv")
End If
WNL "OS Info:"
WNL "Computer Name:" &obj1.name
WNL "User Name:" &obj1.username
WNL "Domain:" &obj1.domain
Domainrole= ""
Select Case Obj1.domainrole
Case 0
Domainrole= "Workstation"
Case 1
domainrole= "member Workstation"
Case 2
Domainrole= "Server"
Case 3
domainrole= "member Server"
Case 4
domainrole= "Backup Domain Controller"
Case 5
domainrole= "Main Domain Controller"
End Select
With Obj2
WNL "Domain role:" &domainrole
WNL "Caption:" &.caption
WNL "organization:" &.organization
WNL "Registered User:" &.registereduser
WNL "Install Date:" &timeformat (. installdate)
WNL "Last bootup Time:" &timeformat (. lastbootuptime)
WNL "Windows Directory:" &.windowsdirectory
If Viewtype=1 Then
WNL "System Directory:" &.systemdirectory
WNL "Boot Device:" &.bootdevice
WNL "Country Code:" &.countrycode
WNL "CSName:" &.csname
WNL "Description:" &.description
WNL "Manufacturer:" &.manufacturer
WNL "Serial number:" &.serialnumber
WNL "Version:" &.version
WNL "System Type:" &obj1.systemtype
WNL "System Startup Delay:" &obj1.systemstartupdelay& "s"
WNL "System Startup Options:" &obj1.systemstartupoptions (0)
For I=1 to UBound (obj1.systemstartupoptions)
WNL Space (a) &obj1.systemstartupoptions (i)
Next
End If
End With
WNL vbcrlf& "Processor Info:"
WNL "Number of processors:" &obj1.numberofprocessors
For each obj3 in col3
With Obj3
WNL "Device ID:" &.deviceid
WNL "Name:" &.name
WNL "Current Clock Speed:" &.currentclockspeed& "MHz"
WNL "Description:" &.description
If Viewtype=1 Then
WNL "Ext Clock:" &.extclock& "MHz"
WNL "L2 Cache Size:" &.l2cachesize& "KB"
WNL "L2 Cache Speed:" &.l2cachespeed& "MHz"
WNL "Processor Id:" &.processorid
WNL "Manufacturer:" &.manufacturer
WNL "Socket designation:" &.socketdesignation
WNL "Address Width:" &.addresswidth& "Bit"
WNL "Data Width:" &.datawidth& "Bit"
End If
End With
Next
With Obj4
WNL vbcrlf& "Memory Info:"
WNL "Total physical Memory:" &cint (. totalphysicalmemory/1024) & "MB"
WNL "Free physical Memory:" &cint (obj2.freephysicalmemory/1024) & "MB"
If Viewtype=1 Then
WNL "Total PageFile spaces:" &cint (. totalpagefilespace/1024) & "MB"
WNL "Total Virtual Memory:" &cint (. totalvirtualmemory/1024) & "MB"
WNL "Available Virtual Memory:" &cint (. availablevirtualmemory/1024) & "MB"
End If
End With
If Viewtype=1 Then
WNL vbcrlf& "BIOS Info:"
WNL "Description:" &obj5.description
WNL "Current Language:" &obj5.currentlanguage
WNL "Version:" &obj5.version
WNL "Manufacturer:" &obj5.manufacturer
End If
With Obj6
WNL vbcrlf& "Display Configuration:"
WNL "Caption:" &.caption
If Viewtype=1 Then
WNL "Device Name:" &.devicename
WNL "Driver Version:" &.driverversion
End If
WNL "Display Frequency:" &.displayfrequency& "Hz"
WNL "Bits per Pel:" &.bitsperpel& "Bit"
WNL "Pels:" &.pelswidth& "x" &.pelsheight
End With
WNL vbcrlf& "Disk Info:"
For each OBJ7 in COL7
With OBJ7
WNL "DeviceID:" &.deviceid
WNL "Caption:" &.caption
WNL "Interface Type:" &.interfacetype
If Viewtype=1 Then
WNL "SCSI bus:" &.scsibus
WNL "SCSI Logical unit:" &.scsilogicalunit
WNL "SCSI Port:" &.scsiport
WNL "SCSI targetid:" &.scsitargetid
WNL "Sectors per Track:" &.sectorspertrack& "KB"
End If
WNL "Partitions:" &.partitions
WNL "Size:" &sizeformat (. Size)
End With
Next
Str= "Volume" +space (2) + "Type" +space (8) + "Format" +space (4)
str=str+ "Size" +space (6) + "free" +space () + "Label"
WNL Str
For each obj8 in Col8
With Obj8
Drivetype= ""
Select Case. DriveType
Case 0
Drivetype= "Unknow"
Case 1
Drivetype= "Norootdir"
Case 2
Drivetype= "Removable"
Case 3
Drivetype= "Fixed"
Case 4
Drivetype= "Network"
Case 5
Drivetype= "CD-ROM"
Case 6
Drivetype= "RAM"
End Select
Strpercent= ""
If .size<> "" and .freespace<> "" Then
Strpercent= "(" &formatpercent (. freespace/.size,0) & ")"
End If
Str= "" &wsp (. caption,8) &wsp (drivetype,12) &wsp (. filesystem,10) &wsp (Sizeformat (. Size), 10)
STR=STR&WSP (Sizeformat (. freespace) &strpercent,16) &.volumename
WNL Str
End With
Next
WNL vbcrlf& "NIC informaton:"
For each obj9 in COL9
With Obj9
If. IPEnabled Then
WNL "Index:" &.index
WNL "Description:" &.description
If Viewtype=1 Then
WNL "DHCP Enabled:" &.dhcpenabled
WNL "DHCP Server:" &.dhcpserver
WNL "DNS Host Name:" &.dnshostname
WNL "DNS Server Search Order:" &WFL (. DNSServerSearchOrder)
WNL "WINS Primary Server:" &.winsprimaryserver
End If
WNL "IP Address:" &WFL (. IPAddress)
WNL "MAC Address:" &.macaddress
WNL "Default IP Gateway:" &WFL (. DefaultIPGateway)
WNL "IP Subnet:" &WFL (. ipsubnet)
If Viewtype=1 Then
WNL "IP Filter security Enabled:" &.ipfiltersecurityenabled
WNL "IPSec Permit IP Protocols:" &WFL (. IPSecPermitIPProtocols)
WNL "IPSec Permit TCP Ports:" &WFL (. ipsecpermittcpports)
WNL "IPSec Permit UDP Ports:" &WFL (. ipsecpermitudpports)
End If
End If
End With
Next
If Viewtype=1 Then
WNL vbcrlf& "Hot fixes Info:"
For each obj10 in COL10
WNL "Hot Fix ID:" &obj10.hotfixid
WNL "Fix Comments:" &obj10.fixcomments
WNL "Install Date:" &obj10.installdate
WNL "Service Pack in Effect:" &obj10.servicepackineffect
Next
End If
If Program=1 Then
WNL vbcrlf& "Applications:"
hklm=&h80000002
Keypath= "Software\microsoft\windows\currentversion\uninstall\"
Obj11.enumkey Hklm,keypath,keyarray
ReDim Str (UBound (keyarray) +1)
J=0
For i=0 to UBound (Keyarray)
Obj11.getstringvalue Hklm,keypath+keyarray (i), "displayname", strvalue
If strvalue<> "" Then
Str (j) =strvalue
J=j+1
End If
Next
If J>1 Then
For I=0 to J-1
For K=0 to J-i-1
If StrComp (str (k), str (k+1), 1) =1 Then
Strtemp=str (k+1)
STR (k+1) =str (k)
Str (k) =strtemp
End If
Next
Next
End If
For I=0 to J-1
WNL "" &str (i)
Next
End If
Sub Showerr ()
If Err.Number Then
WScript.Echo "Error 0x" &cstr (Hex (err.number)) & "."
If err.description<> "" Then
WScript.Echo "Error Description:" &err.description& "."
End If
Wscript.Quit
End If
End Sub
Sub Wnl (msg)
WScript.Echo msg
If IsObject (OF) then
On Error Resume Next
Of.writeline msg
ShowError ()
On Error Goto 0
End If
End Sub
function WFL (ByRef obj)
Str= ""
For i=0 to UBound (obj)
Str=str&obj (i) & ""
Next
Wfl=str
End Function
function wsp (Msg,num)
If msg<> "" Then
Msg=left (msg,num-1)
Wsp=msg&space (Num-len (msg))
Else
Wsp=space (num)
End If
End Function
function TimeFormat (msg)
Timeformat=left (msg,4) & "/" &mid (msg,5,2) & "/" &mid (msg,7,2) & "" &mid (msg,9,2) & ":" & Mid (msg,11,2) & ":" &mid (msg,13,2)
End Function
function Sizeformat (msg)
If msg<> "" Then
size=msg/1048576
If size>1024 Then
Sizeformat=round (size/1024,2) & "GB"
Else
Sizeformat=round (size,1) & "MB"
End If
End If
End Function
function Objget (msg)
Set Col=objswb.instancesof (msg)
For each objx in Col
Set OBJ=OBJX
Next
Set Objget=obj
End Function
function usage ()
WScript.Echo String (79, "*")
WScript.Echo "RGIS v1.03"
WScript.Echo "Remote Get Infomation Script, by Zzzevazzz"
WScript.Echo "Welcome to visite www.isgrey.com & Www.h4h4.com"
WScript.Echo "Usage:"
WScript.Echo "Cscript Rgis.vbs [/R targetip username password] [/o filename] [/v] [/a] [/h]"
WScript.Echo "/r:remote Get info."
WScript.Echo "/o:output to File."
WScript.Echo "/v:get more infomation."
WScript.Echo "/a:get applications infomation."
WScript.Echo "/h:show usage."
WScript.Echo String (+, "*") &vbcrlf
End Function