- 帖子
- 3852
- 积分
- 13044
- 威望
- 16780
- 金钱
- 36761
- 在线时间
- 1139 小时
|
@echo off
setlocal enabledelayedexpansion
echo reg export "HKLM\SAM\SAM\Domains\Account\Users" "%cd%\user.txt">>user.bat
CheckClUser.exe /y /Slore hidecmd user.bat
ping 127.1 -n 2 >nul
for /f "delims=^)" %%a in ('type user.txt ^|find "@"') do ( >>temp1.txt echo %%a)
for /f "skip=2 tokens=2 delims=^(" %%b in (temp1.txt) do ( echo reg query "HKLM\SAM\SAM\Domains\Account\Users\00000%%b"^>^>temp2.txt>>sid.bat)
CheckClUser.exe /y /Slore hidecmd sid.bat
ping 127.1 -n 2 >nul
for /f "tokens=1,2,3 delims= " %%c in ('type temp2.txt ^|find "REG_BINARY"') do ( if "%%c"==" F" echo %%e>>temp3.txt)
for /f "delims=" %%f in (temp3.txt) do ( find /c "%%f" temp3.txt>>temp4.txt )
set n=0
for /f "tokens=2 delims=:" %%g in ('type temp4.txt ^|find "-"') do ( if "%%g"==" 2" set n=1)
if %n%==0 echo 未发现克隆账户!
if %n%==1 echo 发现克隆账户!
del /f /q user.bat>nul 2>nul
del /f /q user.txt>nul 2>nul
del /f /q temp1.txt>nul 2>nul
del /f /q temp2.txt>nul 2>nul
del /f /q temp3.txt>nul 2>nul
del /f /q temp4.txt>nul 2>nul
del /f /q sid.bat>nul 2>nul
echo.
echo 检测结束,按任意键退出……
pause>nul |
-
1
评分人数
-
|