Enhanced batch script for extracting dangerous-access signatures from logs (tracing back to the root cause of a vulnerability)


Introduction

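Copy the code below, save it as a.bat, and place it in the directory that holds the logs you want to analyse (files with the .log extension). Double-click it and wait; when the console window closes, check the results. No more headaches over analysing huge log files: it is just one simple command per keyword, and the list can be extended without limit.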
[code]
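:: Enhanced log signature extraction ::
:: Create the output directory only if it does not already exist
if not exist Analy md Analy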
findstr /c:"and" *.log >> Analy/and.txt
findstr /c:"or" *.log >> Analy/or.txt
findstr /c:"select" *.log >> Analy/select.txt
findstr /c:"exec" *.log >> Analy/exec.txt
findstr /c:"0x" *.log >> Analy/0x.txt
findstr /c:"md5" *.log >> Analy/md5.txt
findstr /c:"schema" *.log >> Analy/schema.txt
findstr /c:"eval" *.log >> Analy/eval.txt
findstr /c:"cmd" *.log >> Analy/cmd.txt
findstr /c:"char" *.log >> Analy/char.txt
findstr /c:"alter" *.log >> Analy/alter.txt
findstr /c:"begin" *.log >> Analy/begin.txt
findstr /c:"cast" *.log >> Analy/cast.txt
findstr /c:"chr" *.log >> Analy/chr.txt
findstr /c:"convert" *.log >> Analy/convert.txt
findstr /c:"count" *.log >> Analy/count.txt
findstr /c:"CONCAT" *.log >> Analy/CONCAT.txt
findstr /c:"create" *.log >> Analy/create.txt
findstr /c:"cursor" *.log >> Analy/cursor.txt
findstr /c:"declare" *.log >> Analy/declare.txt
findstr /c:"delete" *.log >> Analy/delete.txt
findstr /c:"dir" *.log >> Analy/dir.txt
findstr /c:"drop" *.log >> Analy/drop.txt
findstr /c:"end" *.log >> Analy/end.txt
findstr /c:"fetch" *.log >> Analy/fetch.txt
findstr /c:"format" *.log >> Analy/format.txt
findstr /c:"insert" *.log >> Analy/insert.txt
findstr /c:"limit" *.log >> Analy/limit.txt
findstr /c:"kill" *.log >> Analy/kill.txt
findstr /c:"master" *.log >> Analy/master.txt
findstr /c:"mid" *.log >> Analy/mid.txt
findstr /c:"open" *.log >> Analy/open.txt
findstr /c:"password" *.log >> Analy/password.txt
findstr /c:"request" *.log >> Analy/request.txt
findstr /c:"script" *.log >> Analy/script.txt
findstr /c:"shell" *.log >> Analy/shell.txt
findstr /c:"sp_" *.log >> Analy/sp_.txt
findstr /c:"where" *.log >> Analy/where.txt
findstr /c:"xp_" *.log >> Analy/xp_.txt
findstr /c:"sys" *.log >> Analy/sys.txt
findstr /c:"table" *.log >> Analy/table.txt
findstr /c:"truncate" *.log >> Analy/truncate.txt
findstr /c:"update" *.log >> Analy/update.txt
findstr /c:"union" *.log >> Analy/union.txt

:: Second-pass filtering of the extracted lines ::
cd Analy
findstr /c:"200 0 0" *.txt >> 200.log
findstr /c:"POST" 200.log >> 200POST.txt
findstr /c:"php" 200.log >> php.txt
findstr /c:"asa" 200.log >> asa.txt
findstr /c:"asp" 200.log >> asp.txt
findstr /c:"aspx" 200.log >> aspx.txt
findstr /c:"cer" 200.log >> cer.txt
[/code]
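
`findstr /c:` without `/i` matches a literal, case-sensitive substring anywhere on the line, so "or" also hits "forum" while "UnIoN" or a `%20`-encoded payload is missed. The following is an added example, not part of the original script: it does the same keyword triage on the decoded query string only, case-insensitively and on token boundaries. It assumes IIS W3C logs with a `#Fields:` header; the sample lines, the keyword subset and the `scan` function are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# A subset of the batch file's keywords; short ones such as "or" and "and"
# are only meaningful when matched as whole tokens.
KEYWORDS = ["and", "or", "select", "union", "exec", "declare", "cast",
            "xp_", "sp_", "0x", "eval", "cmd", "script"]
# Prefix-style keywords (xp_, sp_, 0x) need only a leading boundary.
PATTERNS = {
    k: re.compile(r"(?<![a-z0-9])" + re.escape(k) +
                  ("" if k in ("xp_", "sp_", "0x") else r"(?![a-z0-9_])"),
                  re.IGNORECASE)
    for k in KEYWORDS
}

# Constructed sample lines (assumed IIS W3C field order, documentation IPs).
FIELDS = ("#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port "
          "cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status")
SAMPLE = [
    FIELDS,
    "2024-01-01 10:00:00 10.0.0.5 GET /forum/index.asp category=forum&order=asc 80 - 192.0.2.10 Mozilla/5.0 200 0 0",
    "2024-01-01 10:00:05 10.0.0.5 GET /news.asp id=1%20UnIoN%20SeLeCt%201,2 80 - 192.0.2.77 Mozilla/5.0 200 0 0",
    "2024-01-01 10:00:09 10.0.0.5 GET /news.asp id=1;EXEC+xp_cmdshell 80 - 192.0.2.77 Mozilla/5.0 500 0 0",
    "2024-01-01 10:00:12 10.0.0.5 POST /editor/upload.asp - 80 - 192.0.2.77 Mozilla/5.0 200 0 0",
]

def scan(lines, only_status="200"):
    """Return {keyword: [(client_ip, uri_stem, decoded_query), ...]}."""
    names, hits = [], defaultdict(list)
    for line in lines:
        if line.startswith("#Fields:"):
            names = line.split()[1:]          # column names for later rows
            continue
        if line.startswith("#") or not names:
            continue
        rec = dict(zip(names, line.split()))
        # Mirrors the batch file's "200 0 0" second pass; None keeps all rows.
        if only_status and rec.get("sc-status") != only_status:
            continue
        query = unquote_plus(rec.get("cs-uri-query", ""))  # undo %xx and +
        for kw, pat in PATTERNS.items():
            if pat.search(query):
                hits[kw].append((rec["c-ip"], rec["cs-uri-stem"], query))
    return dict(hits)

if __name__ == "__main__":
    for kw, rows in scan(SAMPLE, only_status=None).items():
        print(kw, rows)
```

Passing `only_status=None` also reports requests that did not return 200, which is useful for seeing probing that preceded a successful request.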
