運行環境:win10
使用方法:
1.保存爲後綴bat
2.管理員運行
3.每隔五分鐘統計一次:組織,次數,地址,端口
4.信息在org.txt裏面
5.可以修改ping -n 300中300秒爲需要的間隔和提示
6.沒有去重
7.禁止修改和非法目的
8.重構了代碼,修復了錯誤
9.發現兩個call傳參%會互相影響,有知道不影響怎麼改的說下
@echo off
setlocal enabledelayedexpansion
cd /d %~dp0
goto loop
:loop
set num=0
echo netstat開始!
netstat -aon>net.txt
for /f "tokens=*" %%i in (net.txt) do (
set row=%%i
if !num! gtr 1 (
for /f "tokens=1,2,3,4,5* delims= " %%a in ("!row!") do (
set flag=%%a
if "!flag!" equ "TCP" (
set fadd=%%c
for /f "tokens=1,2* delims=:" %%m in ("!fadd!") do (
set addr=%%m
set port=%%n
if not "!addr!"=="127.0.0.1" (
if not "!addr!"=="0.0.0.0" (
if not "!addr!"=="[" (
if not "!addr!"=="*" (
for /f "tokens=1,2* delims=." %%w in ("!addr!") do (
call :ipGPS !addr! !port! !num!
)
)
)
)
)
)
)
)
)
set /a num+=1
)
echo netstat結束!
echo 暫停5分鐘!
ping -n 300 127.0>nul
echo 暫停5分鐘結束!
goto loop
:ipGPS
set adr=%1
set port1=%2
set num=%3
echo Set objXML = CreateObject("MSXML2.ServerXMLHTTP")>ipFind.vbs
echo Set objFSO = CreateObject("Scripting.FileSystemObject")>>ipFind.vbs
echo objXML.open "GET","https://www.ip-address.org/lookup/ip-locator.php?track=!adr!",false>>ipFind.vbs
echo objXML.send()>>ipFind.vbs
echo Set objFile = objFSO.CreateTextFile("ipFind.txt",true)>>ipFind.vbs
echo objFile.close>>ipFind.vbs
echo Set objTextFile = objFSO.OpenTextFile ("ipFind.txt", 8, True)>>ipFind.vbs
echo objTextFile.WriteLine(objXML.responseText)>>ipFind.vbs
echo objTextFile.Close>>ipFind.vbs
start /wait wscript /b /t:600 ipFind.vbs
set rownumber=0
set num1=0
set num2=0
if exist ipFind.txt (
for /f "tokens=*" %%a in (ipFind.txt) do (
set /a rownumber+=1
if "!rownumber!"=="276" (
for /f "tokens=1,2* delims=:" %%m in ("%%a") do (
set group=%%n
set group=!group:~1,-6!
if exist org.txt (
for /f "usebackq tokens=1,2,3* delims==" %%x in (org.txt) do (
set /a num1+=1
set tmp1=%%x
set tmp2=%%y
set tmp3=%%z
if "!tmp3!"=="" (
if "!group!"=="" (
set num2=!num1!
)
) else (
if "!group!"=="!tmp1!" (
set num2=!num1!
)
)
)
)
if not "!num2!"=="0" (
call :makeOrg !adr! !port1! !num2!
) else (
echo !group!=1次=!adr![!port1!]>>org.txt
)
)
)
)
)
:makeOrg
set addrs=%1
set ports=%2
set num3=%3
set num4=0
for /f "usebackq tokens=1,2,3* delims==" %%j in (org.txt) do (
set /a num4+=1
set temp1=%%j
set temp2=%%k
set temp3=%%l
if "!num4!"=="!num3!" (
if "!temp3!"=="" (
set times=!temp1:次=!
set /a times+=1
if "!num4!"=="1" (
echo ^=!times!次=!temp2!/!addrs![!ports!]>org.txt
) else (
echo ^=!times!次=!temp2!/!addrs![!ports!]>>org.txt
)
) else (
set times=!temp2:次=!
set /a times+=1
if "!num4!"=="1" (
echo !temp1!=!times!次=!temp3!/!addrs![!ports!]>org.txt
) else (
echo !temp1!=!times!次=!temp3!/!addrs![!ports!]>>org.txt
)
)
) else (
if "!temp3!"=="" (
set times=!temp1:次=!
if "!num4!"=="1" (
echo ^=!times!次=!temp2!>org.txt
) else (
echo ^=!times!次=!temp2!>>org.txt
)
) else (
set times=!temp2:次=!
if "!num4!"=="1" (
echo !temp1!=!times!次=!temp3!>org.txt
) else (
echo !temp1!=!times!次=!temp3!>>org.txt
)
)
)
)
(全文完)