如何編寫VBScript通過對比注冊表查找隱藏的服務(wù)

發(fā)布時間：2021-10-11 22:12:26 來源：億速云閱讀：131 作者：iii 欄目：開發(fā)技術(shù)

本篇內(nèi)容介紹了“如何編寫VBScript通過對比注冊表查找隱藏的服務(wù)”的有關(guān)知識，在實際案例的操作過程中，不少人都會遇到這樣的困境，接下來就讓小編帶領(lǐng)大家學習一下如何處理這些情況吧！希望大家仔細閱讀，能夠?qū)W有所成！

復(fù)制代碼代碼如下:

'On Error Resume Next

Const HKEY_LOCAL_MACHINE = &H80000002

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")

strKeyPath = "SYSTEM\CurrentControlSet\Services"
oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys

Wscript.Echo "Checking, please wait ..."
Wscript.Echo ""

For Each subkey In arrSubKeys
oReg.GetStringValue HKEY_LOCAL_MACHINE, strKeyPath & "\\" & subkey, "ObjectName", strValue

If Not (strValue = "") Then
  '判斷服務(wù), 利用數(shù)組來比較不知道會不會快些？
  If Not (CheckSvr(subkey)) Then
   Wscript.Echo subkey & FormatOutTab(subkey) & strValue & FormatOutTab(strValue) & "[ Hidden ]"
  Else
   Wscript.Echo subkey & FormatOutTab(subkey) & strValue & FormatOutTab(strValue) & "[   OK   ]"
  End If

End If
Next
Wscript.Echo ""
Wscript.Echo "All done."
Wscript.Quit (0)

Function CheckSvr(strName)
Set oWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set cService = oWMI.ExecQuery("Select * from Win32_Service WHERE Name='" & strName & "'")
If (cService.count <> 0) Then
CheckSvr = True
Else
CheckSvr = False
End If
End Function

Function FormatOutTab(strName)
strLen = Len(strName)
Select Case True
  Case strLen < 8
   FormatOutTab = vbTab & vbTab & vbTab & vbTab & vbTab

  Case strLen < 16
   FormatOutTab = vbTab & vbTab & vbTab & vbTab

  Case strLen < 24
   FormatOutTab = vbTab & vbTab & vbTab

  Case strLen < 32
   FormatOutTab = vbTab & vbTab

  Case strLen < 40
   FormatOutTab = vbTab

  Case Else
   FormatOutTab = vbTab
  End Select
End Function

利用字典，速度要快很多：

復(fù)制代碼代碼如下:

Dim oDic, oReg, oWmi, arrServices
Const HKEY_LOCAL_MACHINE = &H80000002

Wscript.Echo "[*] Checking, please wait ..."
Wscript.Echo ""

Set oDic = CreateObject("Scripting.Dictionary")

Set oWmi = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\.\root\cimv2")
Set arrServices = oWmi.ExecQuery("Select * from Win32_Service")
For Each strService In arrServices
oDic.Add strService.Name, strService.Name
Next

Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
strKeyPath = "SYSTEM\CurrentControlSet\Services"
oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys

For Each subkey In arrSubKeys
oReg.GetStringValue HKEY_LOCAL_MACHINE, strKeyPath & "\\" & subkey, "ObjectName", strValue
If Not (strValue = "") Then
  If oDic.Exists(subkey) Then
   Wscript.Echo subkey & FormatOutTab(subkey) & strValue & FormatOutTab(strValue) & "[   OK   ]"
  Else
   Wscript.Echo subkey & FormatOutTab(subkey) & strValue & FormatOutTab(strValue) & "[ Hidden ]"
  End If
End If
Next

oDic.RemoveAll

Wscript.Echo ""
Wscript.Echo "[*] All done."
Wscript.Quit (0)

Function FormatOutTab(strName)
strLen = Len(strName)
Select Case True
  Case strLen < 8
   FormatOutTab = vbTab & vbTab & vbTab & vbTab

  Case strLen < 16
   FormatOutTab = vbTab & vbTab & vbTab

  Case strLen < 24
   FormatOutTab = vbTab & vbTab

Case strLen < 32
FormatOutTab = vbTab

  Case Else
   FormatOutTab = vbTab
  End Select
End Function

“如何編寫VBScript通過對比注冊表查找隱藏的服務(wù)”的內(nèi)容就介紹到這里了，感謝大家的閱讀。如果想了解更多行業(yè)相關(guān)的知識可以關(guān)注億速云網(wǎng)站，小編將為大家輸出更多高質(zhì)量的實用文章！

向AI問一下細節(jié)

如何編寫VBScript通過對比注冊表查找隱藏的服務(wù)

猜你喜歡

最新資訊

相關(guān)推薦

相關(guān)標簽