**************************************** ***************************************
RGIS v1.03
Remote Get Infomation Script, by zzzEVAzzz
Welcome to visite www.isgrey.com & www.h4h4.com
Usage:
Cscript rgis. vbs [/r targetIP username password] [/o filename] [/v] [/a] [/h]
/R: remote get info.
/O: output to file.
/V: get more infomation.
/A: get applications infomation.
/H: show usage.
**************************************** ***************************************
Description: A script used to remotely or locally obtain system information.
Feature: whether the target ipc $ is enabled or not.
Principle: directly access the target windows Management Specification Service (WMI ).
Supported platforms: win2kpro win2kserver winxp
Usage:
Use the script cscript.exe in the command line to call the script. For example:
C: \> cscript rgis. vbs [/r target IP user name and password] [/o output file] [/v] [/a] [/h]
All parameters are optional.
/R is used to remotely obtain information. The empty password is represented.
/O adds the path and name of the output file. If the file does not exist, it is automatically created. If the file exists, the information is added at the end.
/V.
/A gets the application information.
/H displays Usage.
Local information is displayed without parameters.
Port 135 of the target port accessed by the script. If the target port 135 is not open or the WMI Service is disabled, the script cannot be used.
In addition, if the network is not good, it may wait a lot of time.
If you have any questions or suggestions, please send me a short message at the gray track forum or H4 Network Security Forum. My ID is zzzevazzz
Last Updated: 2002-12-7
Update record:
1.03 added the function of obtaining application information.
1.02 added the ability to obtain simple HotFix and port filtering information.
1.01 added the file output function.
First Version 1.00Copy codeThe Code is as follows: if (lcase (right (wscript. fullname, 11) = "wscript.exe") then
Set objshell = wscript. createobject ("wscript. shell ")
Objshell. run ("cmd.exe/k cscript // nologo" & chr (34) & wscript. scriptfullname & chr (34 ))
Wscript. quit
End if
With wscript. arguments
If. count> 0 then
Ipaddress = "."
Outfile = ""
Username = ""
Password = ""
Viewtype = 0
Program = 0
For arg = 0 to. count-1
Select case left (lcase (. item (arg), 2)
Case "/h ","/? "," \ H ","\? "
Usage ()
Wscript. quit
Case "/r", "\ r"
If arg + 3 <=. count-1 then
Ipaddress =. item (arg + 1)
Username =. item (arg + 2)
Password =. item (arg + 3)
Else
Wscript. echo "Arguments Error! "& Vbcrlf
Usage ()
Wscript. quit
End if
Case "/v", "\ v"
Viewtype = 1
Case "/o", "\ o"
Outfile =. item (arg + 1)
Case "/a", "\"
Program = 1
End select
Next
End if
End
On error resume next
If outfile <> "" then
Set fs = createobject ("scripting. filesystemobject ")
Showerr ()
Set of = fs. opentextfile (outfile, 8, true)
Showerr ()
End if
Wscript. echo "Getting Infomation..." & vbcrlf
Set objlocator = createobject ("wbemscripting. swbemlocator ")
Showerr ()
Set objswb = objlocator. connectserver (ipaddress, "root/cimv2", username, password)
Showerr ()
On error goto 0
Set obj1 = objget ("win32_computersystem ")
Set obj2 = objget ("win32_operatingsystem ")
Set col3 = objswb. instancesof ("win32_processor ")
Set obj4 = objget ("win32_logicalmemoryconfiguration ")
Set obj5 = objget ("win32_bios ")
Set obj6 = objget ("win32_displayconfiguration ")
Set col7 = objswb. instancesof ("win32_diskdrive ")
Set col8 = objswb. instancesof ("win32_logicaldisk ")
Set col9 = objswb. instancesof ("win32_networkadapterconfiguration ")
Set col10 = objswb. instancesof ("win32_quickfixengineering ")
If program = 1 then
Set objswb1 = objlocator. connectserver (ipaddress, "root/default", username, password)
Set obj11 = objswb1.get ("stdregprov ")
End if
Wnl "OS Info :"
Wnl "Computer Name:" & obj1.name
Wnl "User Name:" & obj1.username
Wnl "Domain:" & obj1.domain
Domainrole = ""
Select case obj1.domainrole
Case 0
Domainrole = "Workstation"
Case 1
Domainrole = "Member Workstation"
Case 2
Domainrole = "Server"
Case 3
Domainrole = "Member Server"
Case 4
Domainrole = "Backup Domain Controller"
Case 5
Domainrole = "Main Domain Controller"
End select
With obj2
Wnl "Domain Role:" & domainrole
Wnl "Caption:" &. caption
Wnl "Organization:" &. organization
Wnl "Registered User:" &. registereduser
Wnl "Install Date:" & timeformat (. installdate)
Wnl "Last BootUp Time:" & timeformat (. lastbootuptime)
Wnl "Windows Directory:" &. windowsdirectory
If viewtype = 1 then
Wnl "System Directory:" &. systemdirectory
Wnl "Boot Device:" &. bootdevice
Wnl "Country Code:" &. countrycode
Wnl "CSName:" &. csname
Wnl "Description:" &. description
Wnl "Manufacturer:" &. manufacturer
Wnl "Serial Number:" &. serialnumber
Wnl "Version:" &. version
Wnl "System Type:" & obj1.systemtype
Wnl "System Startup Delay:" & obj1.systemstartupdelay & "s"
Wnl "System Startup Options:" & obj1.systemstartupoptions (0)
For I = 1 to ubound (obj1.systemstartupoptions)
Wnl space (28) & obj1.systemstartupoptions (I)
Next
End if
End
Wnl vbcrlf & "Processor Info :"
Wnl "Number Of Processors:" & obj1.numberofprocessors
For each obj3 in col3
With obj3
Wnl "Device ID:" &. deviceid
Wnl "Name:" &. name
Wnl "Current Clock Speed:" &. currentclockspeed & "MHz"
Wnl "Description:" &. description
If viewtype = 1 then
Wnl "Ext Clock:" &. extclock & "MHz"
Wnl "L2 Cache Size:" &. l2cachesize & "KB"
Wnl "L2 Cache Speed:" &. l2cachespeed & "MHz"
Wnl "Processor Id:" &. processorid
Wnl "Manufacturer:" &. manufacturer
Wnl "Socket Designation:" &. socketdesignation
Wnl "Address Width:" &. addresswidth & "Bit"
Wnl "Data Width:" &. datawidth & "Bit"
End if
End
Next
With obj4
Wnl vbcrlf & "Memory Info :"
Wnl "Total Physical Memory:" & cint (. totalphysicalmemory/1024) & "MB"
Wnl "Free Physical Memory:" & cint (obj2.freephysicalmemory/1024) & "MB"
If viewtype = 1 then
Wnl "Total PageFile Space:" & cint (. totalpagefilespace/1024) & "MB"
Wnl "Total Virtual Memory:" & cint (. totalvirtualmemory/1024) & "MB"
Wnl "Available Virtual Memory:" & cint (. availablevirtualmemory/1024) & "MB"
End if
End
If viewtype = 1 then
Wnl vbcrlf & "BIOS Info :"
Wnl "Description:" & obj5.description
Wnl "Current Language:" & obj5.currentlanguage
Wnl "Version:" & obj5.version
Wnl "Manufacturer:" & obj5.manufacturer
End if
With obj6
Wnl vbcrlf & "Display Configuration :"
Wnl "Caption:" &. caption
If viewtype = 1 then
Wnl "Device Name:" &. devicename
Wnl "Driver Version:" &. driverversion
End if
Wnl "Display Frequency:" &. displayfrequency & "Hz"
Wnl "Bits Per Pel:" &. bitsperpel & "Bit"
Wnl "Pels:" &. pelswidth & "x" &. pelsheight
End
Wnl vbcrlf & "Disk Info :"
For each obj7 in col7
With obj7
Wnl "DeviceID:" &. deviceid
Wnl "Caption:" &. caption
Wnl "Interface Type:" &. interfacetype
If viewtype = 1 then
Wnl "SCSI Bus:" &. scsibus
Wnl "SCSI Logical Unit:" &. scsilogicalunit
Wnl "SCSI Port:" &. scsiport
Wnl "SCSI TargetId:" &. scsitargetid
Wnl "Sectors Per Track:" &. sectorspertrack & "KB"
End if
Wnl "Partitions:" &. partitions
Wnl "Size:" & sizeformat (. size)
End
Next
Str = "Volume" + space (2) + "Type" + space (8) + "Format" + space (4)
Str = str + "Size" + space (6) + "Free" + space (12) + "Label"
Wnl str
For each obj8 in col8
With obj8
Drivetype = ""
Select case. drivetype
Case 0
Drivetype = "Unknow"
Case 1
Drivetype = "NoRootDir"
Case 2
Drivetype = "Removable"
Case 3
Drivetype = "Fixed"
Case 4
Drivetype = "Network"
Case 5
Drivetype = "CD-ROM"
Case 6
Drivetype = "RAM"
End select
Strpercent = ""
If. size <> "" and. freespace <> "" then
Strpercent = "(" & formatpercent (. freespace/. size, 0 )&")"
End if
Str = "" & wsp (. caption, 8) & wsp (drivetype, 12) & wsp (. filesystem, 10) & wsp (sizeformat (. size), 10)
Str = str & wsp (sizeformat (. freespace) & strpercent, 16) &. volumename
Wnl str
End
Next
Wnl vbcrlf & "NIC Informaton :"
For each obj9 in col9
With obj9
If. IPEnabled then
Wnl "Index:" &. index
Wnl "Description:" &. description
If viewtype = 1 then
Wnl "DHCP Enabled:" &. dhcpenabled
Wnl "DHCP Server:" &. dhcpserver
Wnl "DNS Host Name:" &. dnshostname
Wnl "DNS Server Search Order:" & wfl (. dnsserversearchorder)
Wnl "WINS Primary Server:" &. winsprimaryserver
End if
Wnl "IP Address:" & wfl (. ipaddress)
Wnl "MAC Address:" &. macaddress
Wnl "Default IP Gateway:" & wfl (. defaultipgateway)
Wnl "IP Subnet:" & wfl (. ipsubnet)
If viewtype = 1 then
Wnl "IP Filter Security Enabled:" &. ipfiltersecurityenabled
Wnl "IPSec Permit IP Protocols:" & wfl (. ipsecpermitipprotocols)
Wnl "IPSec Permit TCP Ports:" & wfl (. ipsecpermittcpports)
Wnl "IPSec Permit UDP Ports:" & wfl (. ipsecpermitudpports)
End if
End if
End
Next
If viewtype = 1 then
Wnl vbcrlf & "Hot Fixes Info :"
For each obj10 in col10
Wnl "Hot Fix ID:" & obj10.hotfixid
Wnl "Fix Comments:" & obj10.fixcomments
Wnl "Install Date:" & obj10.installdate
Wnl "Service Pack In Effect:" & obj10.servicepackineffect
Next
End if
If program = 1 then
Wnl vbcrlf & "Applications :"
HKLM = & h80000002
Keypath = "SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall \"
Obj11.enumkey HKLM, keypath, keyarray
Redim str (ubound (keyarray) + 1)
J = 0
For I = 0 to ubound (keyarray)
Obj11.getstringvalue HKLM, keypath + keyarray (I), "displayname", strvalue
If strvalue <> "" then
Str (j) = strvalue
J = j + 1
End if
Next
If j> 1 then
For I = 0 to J-1
For k = 0 to j-i-1
If strcomp (str (k), str (k + 1), 1) = 1 then
Strtemp = str (k + 1)
Str (k + 1) = str (k)
Str (k) = strtemp
End if
Next
Next
End if
For I = 0 to J-1
Wnl "" & str (I)
Next
End if
Sub showerr ()
If err. number then
Wscript. echo "Error 0x" & cstr (hex (err. number ))&"."
If err. description <> "" then
Wscript. echo "Error description:" & err. description &"."
End if
Wscript. quit
End if
End sub
Sub wnl (msg)
Wscript. echo msg
If isobject (of) then
On error resume next
Of. writeline msg
Showerror ()
On error goto 0
End if
End sub
Function wfl (byref obj)
Str = ""
For I = 0 to ubound (obj)
Str = str & obj (I )&""
Next
Wfl = str
End function
Function wsp (msg, num)
If msg <> "then
Msg = left (msg, num-1)
Wsp = msg & space (num-len (msg ))
Else
Wsp = space (num)
End if
End function
Function timeformat (msg)
Timeformat = left (msg, 4) & "/" & mid (msg, 5, 2) & "/" & mid (msg, 7, 2) & "& mid (msg, 9, 2) & ":" & mid (msg, 11, 2) & ":" & mid (msg, 13, 2)
End function
Function sizeformat (msg)
If msg <> "then
Size = msg/1048576
If size & gt; 1024 then
Sizeformat = round (size/1024,2) & "GB"
Else
Sizeformat = round (size, 1) & "MB"
End if
End if
End function
Function objget (msg)
Set col = objswb. instancesof (msg)
For each objx in col
Set obj = objx
Next
Set objget = obj
End function
Function usage ()
Wscript. echo string (79 ,"*")
Wscript. echo "RGIS v1.03"
Wscript. echo "Remote Get Infomation Script, by zzzEVAzzz"
Wscript. echo "Welcome to visite www.isgrey.com & www.h4h4.com"
Wscript. echo "Usage :"
Wscript. echo "cscript rgis. vbs [/r targetIP username password] [/o filename] [/v] [/a] [/h]"
Wscript. echo "/r: remote get info ."
Wscript. echo "/o: output to file ."
Wscript. echo "/v: get more infomation ."
Wscript. echo "/a: get applications infomation ."
Wscript. echo "/h: show usage ."
Wscript. echo string (79, "*") & vbcrlf
End function