Telnet服務(wù)的一些內(nèi)容我們介紹了不少。關(guān)于它的基本情況，以及設(shè)置內(nèi)容我們都不再進(jìn)行贅述了。這里我們主要講解一下wmi通過135端口開啟telnet服務(wù)等腳本的實(shí)現(xiàn)問題。具體代碼如下：

on error resume next 
set xsjd=wscript.stdout 
if (lcase(right(wscript.fullname,11))="wscript.exe") then 
set objShell=wscript.createObject("wscript.shell") 
objShell.Run("cmd.exe /k cscript //nologo "&chr(34)&wscript.scriptfullname&chr(34)) 
wscript.quit 
end if 
change=wscript.arguments(0) 
ip=wscript.arguments(1) 
user=wscript.arguments(2) 
pass=wscript.arguments(3) 
main() 
xsjd.write "連接 "&ip&"中 ...." 
select case change 
case "1" 
set objwmi=createobject("wbemscripting.swbemlocator") 
set objwmiservices=objwmi.connectserver(ip,"root/cimv2",user,pass) 
wscript.echo "您選擇的服務(wù)是打開目標(biāo)主機(jī)的終端服務(wù)." 
if wscript.arguments.count<4 then 
wscript.echo "沒有足夠的參數(shù)." 
wscript.quit 
end if 
if wscript.arguments.count<4 then 
port=3389 
else 
port=wscript.arguments(4) 
end if 
if not isnumeric(port) or port<1 or port>65000 then 
wscript.echo "端口錯(cuò)誤." 
wscript.quit 
end if 
if wscript.arguments.count>5 then 
reboot=wscript.arguments(5) 
else 
reboot="" 
end if 
objwmiservices.security_.privileges.add 23,true 
objwmiservices.security_.privileges.add 18,true 
error(err.number) 
xsjd.write "檢查超作系統(tǒng)類型...." 
set objcxwql=objwmiservices.execquery("select caption from win32_operatingsystem") 
for each objinstoscaption in objcxwql 
if instr(objinstoscaption.caption,"Server")>0 then 
wscript.echo "OK!" 
else 
wscript.echo "超作系統(tǒng)是: "&objinstoscaption.caption 
xsjd.write "你確認(rèn)要結(jié)束?[y/n]" 
strcancel=instreem.read 
if lcase(strcancel)<>"n" then wscript.quit 
end if 
next 
xsjd.write "正在打開服務(wù)請(qǐng)稍后 ...." 
set objwmiinstreg=objwmi.connectserver(ip,"root/default",user,pass).get("stdregprov") 
HKLM=&h80000002 
with objwmiinstreg 
.createkey ,"SOFTWARE\Microsoft\Windows\CurrentVersion\netcache" 
.setdwordvalue HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\netcache","Enabled",0 
.createkey HKLM,"SOFTWARE\Policies\Microsoft\Windows\Installer" 
.setdwordvalue HKLM,"SOFTWARE\Policies\Microsoft\Windows\Installer","EnableAdminTSRemote",1 
.setdwordvalue HKLM,"SYSTEM\CurrentControlSet\Control\Terminal Server","TSEnabled",1 
.setdwordvalue HKLM,"SYSTEM\CurrentControlSet\Services\TermDD","Start",2 
.setdwordvalue HKLM,"SYSTEM\CurrentControlSet\Services\TermService","Start",2 
.setstringvalue HKLM,".DEFAULT\Keyboard Layout\Toggle","Hotkey","1" 
.setdwordvalue HKLM,"SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp","PortNumber",port 
end with 
error(err.number) 
rebt=lcase(reboot) 
if rebt="c" then 
xsjd.write "重新啟動(dòng)目標(biāo)計(jì)算機(jī)...." 
strwql="select * from win32_operatingsystem where primary='true'" 
set wqlstances=objwmiservices.execquery(strwql) 
for each objinstance in wqlstances 
objinstance.win32shutdown(6) 
next 
error(err.number) 
else 
wscript.echo "您的帳號(hào)需要足夠的權(quán)限."&vbcrlf&"" 
end if 
wscript.echo "服務(wù)打開，，您可以連接終端服務(wù)在： "&port&" . 祝您好運(yùn)！" 
wscript.quit 
case "2" 
if wscript.arguments.count<6 then 
wscript.echo "開啟telnet服務(wù)的參數(shù)不夠." 
wscript.quit 
end if 
ntlm=wscript.arguments(4) 
port=wscript.arguments(5) 
if not isnumeric(port) or port<1 or port>65000 then 
wscript.echo "端口錯(cuò)誤." 
wscript.quit 
end if 
if not isnumeric(ntlm) or ntlm<0 or ntlm>2 then 
main() 
wscript.echo "NTML終端類型出錯(cuò)." 
wscript.quit 
end if 
set objwmi=createobject("wbemscripting.swbemlocator") 
set objwmiservices=objwmi.connectserver(ip,"root/default",user,pass) 
error(err.number) 
xsjd.write "設(shè)置終端類型為:NTLM="&ntlm&"...." 
set objwmistance=objwmiservices.get("stdregprov") 
set objwmimethod=objwmistance.methods_("SetDWORDvalue") 
set objwmiinparam=objwmimethod.inparameters.spawninstance_() 
objwmiinparam.hdefkey=&h80000002 
objwmiinparam.ssubkeyname="SOFTWARE\Microsoft\TelnetServer\1.0" 
objwmiinparam.svaluename="NTLM" 
objwmiinparam.uvalue=ntlm 
set objwmioutparam=objwmistance.execmethod_("SetDWORDvalue",objwmiinparam) 
error(objwmioutparam.returnvalue)
xsjd.write "設(shè)定telnet端口： port="&port&"...." 
objwmiinparam.svaluename="TelnetPort" 
objwmiinparam.uvalue=port 
set objwmioutparam=objwmistance.execmethod_("SetDWORDvalue",objwmiinparam) 
error(objwmioutparam.returnvalue)

#p#

xsjd.write "查詢開啟telnet服務(wù)狀態(tài)中...." 
set objwmiservices=objwmi.connectserver(ip,"root\cimv2",user,pass) 
set wqlstances=objwmiservices.execquery("select * from win32_service where name='tlntsvr'") 
error(err.number) 
for each objwmiinstance in wqlstances 
if objwmiinstance.startmode="Disabled" then 
xsjd.write "telnet服務(wù)沒有打開，嘗試更換啟動(dòng)方式" 
set objwmimethod=objwmiinstance.methods_("changemode") 
set objwmiinparam=objwmimethod.inparameters.spawninstance_() 
objwmiinparam.startmode="Manual" 
set objwmioutparam=objwmiinstance.execmethod_("changemode",objwmiinparam) 
error(objoutparam.returnvalue) 
end if 
xsjd.write "打開服務(wù)...." 
if objwmiinstance.started=true then 
intstatus=objwmiinstance.stopservice() 
error(intstatus) 
wscript.echo "嘗試關(guān)閉服務(wù)成功." 
else 
intstatus=objwmiinstance.startservice() 
error(intstatus) 
wscript.echo "成功打開服務(wù)!" 
end if 
next 
case "3" 
if wscript.arguments.count<5 then 
wscript.echo "沒有足夠的參數(shù)." 
wscript.quit 
end if 
intface=wscript.arguments(4) 
select case intface 
case "r" 
flag=2 
show="重新啟動(dòng)" 
case "s" 
flag=1 
show="關(guān)機(jī)" 
case "l" 
flag=0 
show="注銷" 
case "p" 
flag=8 
show="掉電" 
case "fr" 
flag=6 
show="強(qiáng)制重啟" 
case "fs" 
flag=5 
show="強(qiáng)制關(guān)機(jī)" 
case "fl" 
flag=4 
show="強(qiáng)制注銷" 
case "fp" 
flag=12 
show="強(qiáng)制掉電" 
case else 
main() 
wscript.echo "參數(shù)錯(cuò)誤" 
wscript.quit 
end select 
xsjd.write ""&strshow&"目標(biāo)計(jì)算機(jī)...." 
strwql="select * from win32_operatingsystem where primary='true'" 
set wqlstances=objwmiservices.execquery(strwql) 
for each objinstance in wqlstances 
objinstance.win32shutdown(flag) 
next 
error(err.number) 
end select 
function main() 
wscript.echo string(99,"*") 
wscript.echo "dsds v1.01" 
wscript.echo "遠(yuǎn)程打開終端服務(wù)或者開啟telnet服務(wù), by dsds8152" 
wscript.echo "copyright：www.xren.net" 
wscript.echo "使用說明：" 
wscript.echo "cscript "&wscript.scriptfullname&" n targetIP username password (NTLM) (port) (-c)" 
wscript.echo "括號(hào)為選添項(xiàng)目" 
wscript.echo " n的數(shù)值為1，或者2，1為開啟終端服務(wù)，2為開啟telnet服務(wù),3：遠(yuǎn)程計(jì)算機(jī)狀態(tài)（選擇r:重啟)" 
wscript.echo " s:關(guān)機(jī)" 
wscript.echo " l:注銷" 
wscript.echo " p:關(guān)閉電源" 
wscript.echo " 謝謝您的使用" 
wscript.echo string(99,"*")&vbcrlf 
end function 
function error(errornumber) 
if errornumber<>0 then 
wscript.echo "Error!" 
wscript.quit 
else 
wscript.echo "成功!" 
end if 
end function