|
先看一下官方的教程:
NirCMD 雖然只有30KB���,但是功能非常強大�����,尤其是對底層的操作����,是第三方命令行擴展必備的工具����!
想擺脫用 ping 延時耗資源又不準確的尷尬局面嗎?想試試批處理控制鍵盤鼠標指哪打哪的快感嗎���?想把運行中的程序剝開��,干點什么壞事嗎����?哈哈,還沒接觸過它的快快行動吧���,下載下來放到 system32 里面去吧?��。?!
本人一向喜歡實驗,至于什么彈彈光驅(qū)�����、創(chuàng)建快捷方式����、改改注冊表、彈個什么圖形界面對話框這些玩意今天就不說了����,今天給你們見識幾個更高級,也更有意思的看得見的例子�。
(注意:1 所有的都是隱藏運行,你試完過后記得殺掉cmd進程 ;2 其實隱藏自身也是可以用 NirCMD搞定的����,但是我沒這么做; 3 最后一個代碼我沒說怎么破解����,你們自己試試先����。。)
請到此官方網(wǎng)站下載:
http://www./utils/nircmd.html
我現(xiàn)在用的是 NirCmd v2.37
==========================================================
No 1. QQ2009 監(jiān)控���。(以程序本質(zhì)為監(jiān)控依據(jù))
-------------------------
各位公司老板���,各位部門經(jīng)理,我向你們推薦寫的腳本���,簡單實用��,你們不用再那么麻煩去封端口啦���,直接運行個服務(wù),把我的批處理加到電腦就好了,嘿嘿����。。����。。�����。
第一個����。這個是裝在老板機器上的,只有以前登陸過的號碼才可以登陸���。
禁止別人在本機登陸QQ2009.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:: 經(jīng)測試����,不能用NIRCMD自己的loop循環(huán)���,否則的話重啟QQ再打開就會失效�。
:ching
nircmd win child class TXGuiFoundation disable class ATL:30A4E1D8
nircmd wait 1000
goto ching
第二個。這個是裝在員工機器上的(看你怎么登�����,哼�����;就是已經(jīng)登了也讓你用不了�����,哼哼)��。
禁止使用QQ2009.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:ching
nircmd win child class TXGuiFoundation hide class Edit
nircmd win disable class TXGuiFoundation
nircmd wait 1000
goto ching
-------------------------------------------------------------------
No.2 網(wǎng)絡(luò)信息瀏覽監(jiān)控(以表面信息為監(jiān)控依據(jù))
第一個����。
想在我機器上登陸人人網(wǎng)����?開心網(wǎng)?QQ空間�����?還想偷菜??���。?門都沒有����!就是baidugoogle里面查一下都不許!�����!
(哼����,IE不讓上我換360安全瀏覽器上就是。)
你盡管試試����,別說這垃圾瀏覽器,火狐也不行�����。
禁止偷菜.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:ching
nircmd win sendmsg ititle "人人網(wǎng)" 0x0B 0 0
nircmd win sendmsg ititle "開心網(wǎng)" 0x0B 0 0
nircmd win sendmsg ititle "qzone.qq.com" 0x0B 0 0
nircmd wait 5000
goto ching
*** 2009-12-18 添加 ***
上面的代碼注重的是通用性����,任何瀏覽器或者任何程序窗口標題符合條件都將被封鎖以致崩潰�,下面是一個精確封殺的例子�,效果是在 IE8 瀏覽器中登陸相關(guān)網(wǎng)站時,相應(yīng)的選項卡中內(nèi)容就看不見以致不能操作:
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:: 在IE8中禁止上一些網(wǎng)站
:ching
for %%i in ("人人網(wǎng)","開心網(wǎng)","qzone.qq.com") do (
nircmd win child class "IEFrame" child class "Frame Tab" hide ititle %%i
)
nircmd wait 5000
goto ching
--------------------------------
No.3 難道是 explorer.exe 被病毒感染了��?我怎么什么都看不到?���。?��?
掏空EXPLORER.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:ching
nircmd win trans class "CabinetWClass" 0
nircmd wait 1000
goto ching
要改回來請用
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
nircmd win trans class "CabinetWClass" 255
0 到 255 是透明度的意思���,值得說明的是當(dāng)值大于0時����,窗口時鏤空的,即在那個相框里面點鼠標實際上是點到它下一層���,也就是你實際看到的東西�;而大于0時����,就是半透明效果����,點到的是這個窗口之內(nèi)的東西����,即使你肉眼看不到。
----------------------------------------
No. 4 我的電腦你別動?���。?���!
(臥槽,這么狂����?我可知道你密碼,看你怎么防?�。?br>
可惜啊�����,知道我的密碼不夠,還得信 Spring Brother 才行?��?���!
電腦死了.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
if "%1" neq "" goto ching
start mshta vbscript:execute("createobject(""wscript.shell"").run ""%~s0 ching"", 0, false:window.close")
exit
:ching
nircmd win disable class "Shell_TrayWnd"
nircmd win disable class "Progman"
nircmd win disable class "CabinetWClass"
nircmd wait 1000
goto ching
別怕���,我有解藥:
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
nircmd win enable class "Shell_TrayWnd"
nircmd win enable class "Progman"
nircmd win enable class "CabinetWClass"
Version 2 --- 凝固并臨時鎖定屏幕
凝固屏幕.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
nircmd win activate class ConsoleWindowClass
nircmd setcursorwin 10 10
nircmd sendmouse right down
pause
nircmd sendmouse right up
(請勿刪除 pause ?���。�����。��。?br>
單機鼠標右鍵即可退出此狀態(tài)
Version 3 ---- 草���,電腦被病毒控制了!菜鳥小心?��?!
(此批處理程序:你知道我這次為什么不隱身嗎?嘿嘿嘿��。���。����。)
人和電腦比手速.bat
CODE: [Copy to clipboard]
--------------------------------------------------------------------------------
@echo off
title (C)2009 『據(jù)說是李先生』
echo 我靠����,電腦中病毒了,沒辦法��,重啟吧�。。���。
nircmd win hide class "Shell_TrayWnd"
nircmd win hide class "Progman"
nircmd win hide class "CabinetWClass"
:ching
nircmd win activate class ConsoleWindowClass
nircmd win activete title "(C)2009 『據(jù)說是李先生』"
nircmd setcursorwin 10 10
nircmd sendmouse right down
nircmd wait 100
goto ching
(好怕怕���,他還沒給解藥就跑啦!?��。�。?/p>
*** 2009-12-18 添加 ***
附件已經(jīng)上傳,里面包含這個的退出方法���,以及網(wǎng)上找的中文說明文檔
Examples of what you can do with NirCmd
Open the door of J: CD-ROM drive nircmd.exe cdrom open j:
Close the door of Y: CD-ROM drive nircmd.exe cdrom close y:
Speaks the text currently in the clipboard (For Windows XP and Vista). speak text ~$clipboard$
Increase the system volume by 2000 units (out of 65535) nircmd.exe changesysvolume 2000
Decrease the system volume by 5000 units (out of 65535) nircmd.exe changesysvolume -5000
Set the volume to the highest value nircmd.exe setsysvolume 65535
Mute the system volume nircmd.exe mutesysvolume 1
Unmute the system volume nircmd.exe mutesysvolume 0
Switch the system volume between the mute and normal state. nircmd.exe mutesysvolume 2
Create a shortcut on your desktop that switch the system volume between the mute and normal state. nircmd.exe cmdshortcut "~$folder.desktop$" "Switch Volume" mutesysvolume 2
Turn off the monitor nircmd.exe monitor off
Start the default screen saver nircmd.exe screensaver
Put your computer in 'standby' mode nircmd.exe standby
log off the current user nircmd.exe exitwin logoff
Ask if you want to reboot, and if you answer 'Yes', reboot the computer. nircmd.exe qboxcom "Do you want to reboot ?" "question" exitwin reboot
Turn off your computer nircmd.exe exitwin poweroff
Turn off all computers specified in computers.txt ! multiremote copy "c:\temp\computers.txt" exitwin poweroff force
Dial to "My Internet" connection nircmd.exe rasdial "My Internet"
Disconnect the "My Internet" connection nircmd.exe rashangup "My Internet"
Make your Internet Explorer windows 75% transparent ! (192 / 256) nircmd.exe win trans ititle "internet explorer" 192
Minimize all your Internet Explorer windows nircmd.exe win min class "IEFrame"
Close all your Internet Explorer windows nircmd.exe win close class "IEFrame"
Close all your Explorer windows (My Computer, folders, and so on) nircmd.exe win close class "CabinetWClass"
Hide all your Internet Explorer windows nircmd.exe win hide class "IEFrame"
Show all your Internet Explorer windows (after you made them hidden with previous example) nircmd.exe win show class "IEFrame"
Center all top-level windows nircmd.exe win center alltop
Remove the title bar of My Computer window. nircmd.exe win -style title "my computer" 0x00C00000
Return the title bar of My Computer window that we removed in the previous example. nircmd.exe win +style title "my computer" 0x00C00000
Set the My Computer window to right-to-left order (For hebrew and arabic languages) nircmd win +exstyle title "my computer" 0x00400000
Set all child windows of My Computer window to right-to-left order (For hebrew and arabic languages) nircmd win child title "my computer" +exstyle all 0x00400000
Create a shortcut on your desktop that closes all your Internet Explorer windows nircmd.exe cmdshortcut " "~$folder.desktop$ "Close All IE" win close class "IEFrame"
Create a shortcut on your desktop that hides all your Internet Explorer windows nircmd.exe cmdshortcut " "~$folder.desktop$ "Hide All IE" win hide class "IEFrame"
Create a shortcut on your desktop that shows back all your Internet Explorer windows nircmd.exe cmdshortcut " "~$folder.desktop$ "Show All IE" win show class "IEFrame"
Set the Windows Calculator as top-most window (above all other windows) nircmd.exe win settopmost title "Calculator" 1
Set the Windows Calculator back to regular window (non top-most window) nircmd.exe win settopmost title "Calculator" 0
Create a shortcut to Windows calculator under Start Menu->Programs->Calculators nircmd.exe shortcut "f:\winnt\system32\calc.exe" "~$folder.programs$\Calculators" "Windows Calculator"
Hide the desktop window nircmd.exe win hide class progman
Show the desktop window (After hiding it in previous example) nircmd.exe win show class progman
Hide the start button on the system tray nircmd.exe win child class "Shell_TrayWnd" hide class "button"
Show the start button on the system tray nircmd.exe win child class "Shell_TrayWnd" show class "button"
Hide the clock on the system tray nircmd.exe win child class "Shell_TrayWnd" hide class "TrayClockWClass"
Show the clock on the system tray nircmd.exe win child class "Shell_TrayWnd" show class "TrayClockWClass"
Kill (terminate) all instance of Internet Explorer processes nircmd.exe killprocess iexplore.exe
Create a shortcut on your desktop that opens the door of K: CDROM drive when you run it. nircmd.exe cmdshortcut "~$folder.desktop$" "Open CDROM" cdrom open k:
Create a shortcut to NirSoft Web site on your desktop nircmd.exe urlshortcut "http://www." "~$folder.desktop$" "NirSoft"
Add NirSoft Web site to your Favorities under Links folder. nircmd.exe urlshortcut "http://www." "~$folder.favorites$\Links" "NirSoft"
Create a shortcut to NirSoft Web site on the desktop of all computers listed in computers.txt nircmd.exe multiremote copy "c:\temp\computers.txt" urlshortcut "http://www." "~$folder.common_desktop$" "NirSoft"
Set the display mode to 800x600x24bit colors nircmd.exe setdisplay 800 600 24
Create a shortcut on the desktop that set the display mode to 800x600x24bit colors nircmd.exe cmdshortcut "~$folder.desktop$" "800x600x24" setdisplay 800 600 24
Copy all shortcuts on your desktop to another folder (f:\temp\desktop). nircmd.exe execmd copy "~$folder.desktop$\*.lnk" f:\temp\desktop
Restart your Apache server (under Windows NT/2000/XP/2003) nircmd.exe service restart apache
Create a shortcut on your desktop that restarts the Apache server nircmd.exe cmdshortcut "~$folder.desktop$" "Restart Apache" service restart apache
Restart your IIS nircmd.exe service restart w3svc
Restart MySql nircmd.exe service restart MySql
Open the desired Registry key/value in RegEdit nircmd.exe regedit "HKLM\Software\Microsoft\Windows\CurrentVersion" "CommonFilesDir"
Open the Registry key that you copied to the clipboard in RegEdit. nircmd regedit "~$clipboard$"
Disable the screen saver nircmd.exe regsetval sz "HKCU\control panel\desktop" "ScreenSaveActive" 0
Enable the screen saver nircmd.exe regsetval sz "HKCU\control panel\desktop" "ScreenSaveActive" 1
Change the date/time of the specified filename (creation time and modified time) nircmd.exe setfiletime "c:\temp\myfile.txt" "24-06-2003 17:57:11" "22-11-2005 10:21:56"
Copy your desktop folder path to the clipboard nircmd.exe clipboard set ~$folder.desktop$
Copy your start menu folder path to the clipboard nircmd.exe clipboard set ~$folder.start_menu$
Copy the content of info1.txt (simple text file) to the clipboard nircmd.exe clipboard readfile "c:\My Files\info1.txt"
Add the text content of clipboard to info1.txt nircmd.exe clipboard addfile "c:\My Files\info1.txt"
Clear the clipboard nircmd.exe clipboard clear
Create all folders specified in "c:\temp\folders.txt". The folder path names are separated by CRLF characters. nircmd.exe paramsfile "c:\temp\folders.txt" "" "" execmd md ~$fparam.1$
Install the specified .NET assembly in the global assembly cache (like gacutil) nircmd.exe gac install "C:\temp\MyAssembly\bin\MyAssembly.dll"
Empty the recycle bin in all drives. nircmd.exe emptybin
Answer 'Yes' to a standard Windows message-box. nircmd.exe dlg "" "" click yes
Wait 2 seconds, and then save the current screen to shot.png nircmd.exe cmdwait 2000 savescreenshot "f:\temp\shot.png"
Save 10 screenshots in a loop, and wait 60 seconds between the screenshot save calls. The filenames of the screenshot will contain the time and date of the saved screenshot. nircmd.exe loop 10 60000 savescreenshot c:\temp\scr~$currdate.MM_dd_yyyy$-~$currtime.HH_mm_ss$.png
Wait until Firefox is closed, and then say "Firefox was closed" waitprocess firefox.exe speak text "Firefox was closed"
|
