hey...
With a happy collection of UDFs, I have my own Spyware.
Useful to see if gator.exe is running (or freecell.exe)
I have modified the ping() UDF a little, but I need to update it more to use the WSHPipe() instead of a temp file...
Happy spying
BTW,
quote:
habbed is up at 164.51.34.115 explorer.exe is running. PID is 1104
hendersr is up at 164.51.34.48 explorer.exe is running. PID is 684
artuznac is up at 164.51.34.41
thornhij is up at 164.51.34.100 explorer.exe is running. PID is 1156
blank replies for explorer.exe should mean the machine isn't logged on.
quote:
valdesm is up at 164.51.34.78 Script error : unknown command !
$processes=GetObject("winmgmts:{impersonationLevel=impersonate}!//$COMPU
TER").ExecQuery("$pidselect")
is because, for some reason, ping() is returning an IP while the PC is turned off
code:
; Walk the group members, ping each one, and query the live ones for $app over WMI
$Group=Groupmembers("fdhc", "area06med-longterm",2)
$app="gator.exe"
for each $member in $group
    ? $member
    $p=ping($member)
    if $p
        " is up at $p "
        $l=listproc("$member","$app")
        if $l
            " $app is running. PID is $l"
        endif
    endif
next
gets $k
; ************************************************************************************************************
function Ping($Computer)
    dim $ip, $ipfile, $err
    $ipfile = 'c:\ip.txt'
    ; first line of the temp file: the address ping printed between [ ]
    shell '%Comspec% /q /e:1024 /c for /F "tokens=2 delims=[]" %%i IN ('+ chr(39) + '"ping $Computer -n 1 | find "]""' + chr(39) + ') do echo %%i >' + $ipfile
    ; second line: appended only when ping printed "Request timed out"
    shell '%Comspec% /q /e:1024 /c for /F %%i IN ('+ chr(39) + '"ping $Computer -n 1 | find "Request timed out""' + chr(39) + ') do echo %%i >>' + $ipfile
    $ = open(10,$ipfile,2)
    $ip = readline(10)
    $err = readline(10)
    $ = close(10)
    del $ipfile
    ; a timeout line means the name resolved but the host did not answer
    if $err $ping=0 return endif
    $ping=$ip
endfunction
; Returns the PID of the last process named $PROC on $COMPUTER, empty if none
FUNCTION LISTPROC($COMPUTER,$PROC)
    dim $pidselect, $processes, $process
    $pidselect="select * from Win32_Process where Name='$PROC'"
    $processes=GetObject("winmgmts:{impersonationLevel=impersonate}!//$COMPUTER").ExecQuery("$pidselect")
    if $processes
        For each $Process in $processes
            $Listproc=$Process.ProcessId
        Next
    endif
    $processes=""
ENDFUNCTION
; Returns an array of the members of $group in domain/computer $target
; $flag filter bits: 1 = all members, 2 = users only, 4 = groups only
; $flag return bits: 8 = return ADsPath, 16 = return the member object (default: name)
Function Groupmembers($target, $group, optional $flag)
    DIM $temparray[8], $member, $i, $chunk, $flag, $ADSIFlag, $filterFlag
    $chunk = ubound($temparray)
    $flag = val($flag)
    $i = 0
    $group = getobject("WinNT://$target/$group")
    if vartype($group) <> 9 exit(@error) endif
    select
        case $flag & 1 $filterflag = 1
        case $flag & 2 $filterflag = 2
        case $flag & 4 $filterflag = 4
        case 1 $filterflag = 1
    endselect
    select
        case $flag & 8 $ADSIFlag = 8
        case $flag & 16 $ADSIFlag = 16
    endselect
    for each $member in $group.members
        ; names ending in "$" are skipped in every branch
        select
            case $filterflag = 2 AND $member.class = "user"
                if substr($member.name,len($member.name),1) <> "$"
                    $temparray[$i] = $member.name
                    select
                        case $adsiflag = 8 $temparray[$i] = $member.adspath
                        case $adsiflag = 16 $temparray[$i] = $member
                    endselect
                    $i = $i + 1
                endif
            case $filterflag = 4 AND $member.class = "Group"
                if substr($member.name,len($member.name),1) <> "$"
                    $temparray[$i] = $member.name
                    select
                        case $adsiflag = 8 $temparray[$i] = $member.adspath
                        case $adsiflag = 16 $temparray[$i] = $member
                    endselect
                    $i = $i + 1
                endif
            case $filterflag = 1
                if substr($member.name,len($member.name),1) <> "$"
                    $temparray[$i] = $member.name
                    select
                        case $adsiflag = 8 $temparray[$i] = $member.adspath
                        case $adsiflag = 16 $temparray[$i] = $member
                    endselect
                    $i = $i + 1
                endif
            case $filterflag ;bit bucket
        endselect
        ; grow the array by one chunk before the next write would overflow it
        if $i = ubound($temparray) redim preserve $temparray[Ubound($temparray)+$chunk] endif
    next
    ; trim the array to the number of entries actually stored
    if $i <> 0 redim preserve $temparray[$i-1] $groupmembers=$temparray endif
endfunction
BTW2: there is no deleting of files here (except the temp that ping() uses)
fixed the detection of cached IP addresses...
[ 14 June 2002, 17:02: Message edited by: Radimus ]
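A variant of the LISTPROC UDF above that binds to WMI and checks the result before querying, so a host that answers ping from a stale address returns an error code; it also returns every matching PID instead of only the last. This is an added example, not part of the original post: the name ListProcSafe, the comma-separated return format and the host name are assumptions, as is the premise that the quoted script error comes from chaining .ExecQuery onto a failed GetObject().

```kixtart
; Added example (not the poster's code). ListProcSafe is a hypothetical name.
; Returns "pid,pid,..." for every process named $Proc on $Computer, "" if none.
; @ERROR is non-zero when the WMI bind or the query fails.
Function ListProcSafe($Computer, $Proc)
    Dim $wmi, $procs, $p, $pids, $err
    $ListProcSafe = ""
    $pids = ""
    ; Bind first, so an unreachable host fails here and can be checked
    $wmi = GetObject("winmgmts:{impersonationLevel=impersonate}!//" + $Computer)
    $err = @ERROR
    If VarType($wmi) <> 9          ; 9 = object, same test Groupmembers() uses
        If $err = 0  $err = 1  EndIf
        Exit $err
    EndIf
    $procs = $wmi.ExecQuery("select ProcessId from Win32_Process where Name='" + $Proc + "'")
    $err = @ERROR
    If VarType($procs) <> 9
        If $err = 0  $err = 1  EndIf
        Exit $err
    EndIf
    For Each $p In $procs
        If $pids <> ""
            $pids = $pids + ","
        EndIf
        ; $pids is a string, so + concatenates the numeric ProcessId
        $pids = $pids + $p.ProcessId
    Next
    $wmi = ""
    $ListProcSafe = $pids
    Exit 0
EndFunction

; Usage with a constructed host name
$host = "PC-EXAMPLE"
$found = ListProcSafe($host, "gator.exe")
If @ERROR
    ? $host + ": WMI not reachable, error " + @ERROR
Else
    If $found <> ""
        ? $host + ": gator.exe running, PID(s) " + $found
    Else
        ? $host + ": gator.exe not running"
    EndIf
EndIf
```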