Batch Files and Scripts Why Should You Care?


Batch Files and Scripts
By Al Lake
CS140M, Fall 2014, LBCC

Why Should You Care?
• Many easy-to-use, helpful little programs
• Psychological satisfaction of not being totally under Windows control
• Not for everybody but programming can be fun
• Make you better prepared to avoid viruses

General Program Types
• Compiled
  – Written in some coding language and then converted to binary
  – Executable that interacts with OS directly
  – Examples of languages are C and Java
• Interpreted
  – Text files that require an interface
  – Much slower but easy to write and edit
  – Generically called “scripts”

Common Scripts
• Batch files
  – An old format with new power in XP
• VBScript
  – Related to Visual Basic and VBA
• JavaScript (also JScript)
  – Common on Internet
  – Not related to Java
• Special files with REG extension
  – Specifically to edit Registry

What are Scripts Used For?
• Repetitive operations
  – System administration
  – Automation of common tasks
• To carry out a series of operations in one step
• To help with file management
• To make Registry changes

What is a Batch File?
• A text file with extension BAT containing a sequence of commands
• Interpreter is command.com in DOS/Windows 9x/Me
  – Commands are DOS plus some additions for variables and branching
• Interpreter is cmd.exe in XP
  – Available commands are more versatile than DOS and are 32-bit

Example of Batch File
• “Cleantmp.bat”
  – del C:\windows\temp\*.tmp
• Note use of wildcard “*”
• More sophisticated version in XP can have switches and long file names
  – del /s/q C:\windows\temp\*.tmp
• Could add more lines
  – To clean Internet cache, etc

Del Example

    Deletes one or more files.

    DEL [/P] [/F] [/S] [/Q] [/A[[:]attributes]] names
    ERASE [/P] [/F] [/S] [/Q] [/A[[:]attributes]] names

      names         Specifies a list of one or more files or directories.
                    Wildcards may be used to delete multiple files. If a
                    directory is specified, all files within the directory
                    will be deleted.

      /P            Prompts for confirmation before deleting each file.
      /F            Force deleting of read-only files.
      /S            Delete specified files from all subdirectories.
      /Q            Quiet mode, do not ask if ok to delete on global wildcard
      /A            Selects files to delete based on attributes
      attributes    R  Read-only files            S  System files
                    H  Hidden files               A  Files ready for archiving
                    I  Not content indexed Files  L  Reparse Points
                    -  Prefix meaning not

For Backup
• Can use “xcopy” with various switches
• For example
  – xcopy folder1 folder2 /d:(date)
    • Date format mm-dd-yyyy
  – Or xcopy folder1 folder2 /u
  – Or xcopy folder1 folder2 /s/u
• Be careful about paths

Arguments (Placeholders)
• Batch files can accept input
  – Use placeholders (arguments)
    • xcopy %1 %2
• If batch file called “backup.bat”
  – Enter “backup.bat folder1 folder2” in command line

A Few of the Batch Commands
• attrib
• copy
• del
• dir
• md
• rd
• ren
• xcopy
• assoc, ftype
• findstr
• pushd, popd
• reg
• shutdown
• for
• goto
• if

For Help
• Enter “help” in command line (not in Windows Me)
• Enter “command /?” as in “xcopy /?” to obtain information on specific command
• In Windows XP Pro enter “hh ntcmds.chm” in Start|Run for extensive command line help

Scripts (VBS and JS)
• Two interfaces
  – Windows Script Host
    • For scripts run locally
    • Has access to file system and Registry
  – Browser
    • For scripts on Internet
    • Does not have access to file system
    • VBS not read by Netscape (newer version?)
• Both can read and pass scripts to the scripting “engine”

VBScripts vs Batch Files
• More oriented to user interaction
  – Can be graphical or command line
• Greater control of other programs
• Has powerful file system functions
• Can edit Registry
• Object oriented
• Harder to learn and program

Some Useful VBScripts
• Increase icon cache
• Scandisk and defrag all drives automatically
• Clean temp files
• Selectively clean “cookies”
• Backup folders and files
• Get product key for Windows
• Change registered owner
• Carry out tasks at shutdown
• File association fixes
• Various edits to Registry
• Add to Context Menu

VBScripts and Viruses
• Some viruses are in form of VBScripts
• Anti-virus programs may block use of scripts
• IE may not allow downloading of attachments with VBS (and other) extensions

JavaScript and JScript
• Extensively used on Web pages
  – Hit counters, today’s date, etc
  – Whole libraries of scripts available for budding Webmasters
• Not used as much for local computers

“REG” Files
• Special text files with extension REG
• Double-clicking modifies a section of the Registry
• Can add, delete, or modify keys and values
• Can download useful Registry tweaks

Questions?

Assignment
• Create a batch file that:
  – Starts at the root level C:\
  – Changes into C:\Windows
  – Records all of the files in the C:\Windows\ into a text file.
  – Puts the text file at the root level
• Create a batch file that:
  – Displays up to 4 programs
      ECHO Press 'A' to Start the 'A' Program
      ECHO Press 'B' to Start the 'B' Program
      ECHO Press 'C' to Start the 'C' Program
      ECHO Press 'D' to Start the 'D' Program
  – Choose 4 Windows programs (instead of A, B, C, & D)
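
A more defensive version of the “backup.bat” from the “Arguments (Placeholders)” slide, as one way to act on the “Be careful about paths” bullet. This is an added example, not part of the original slides; the messages, exit codes and choice of xcopy switches are assumptions of the example.

```bat
@echo off
rem backup.bat -- added example, not from the original slides.
rem Usage: backup.bat source_folder destination_folder

rem %~1 is argument 1 with any surrounding quotes removed, so the script
rem can add its own quotes. Quoted, a name containing spaces stays one
rem argument and a character such as & in a name is not read as a command.
if "%~1"=="" goto usage
if "%~2"=="" goto usage
rem A third argument usually means a path with spaces was not quoted.
if not "%~3"=="" goto usage

rem The trailing backslash makes the test succeed only for a folder.
if not exist "%~1\" goto nosource

rem %~f1 expands to the full path; comparing full paths lets "folder1"
rem and ".\folder1" be recognised as the same place.
if /i "%~f1"=="%~f2" goto samepath

echo Copying "%~f1" to "%~f2"
rem /s  include subfolders (except empty ones)
rem /d  with no date: copy only files newer than the copy in the destination
rem /i  treat a missing destination as a folder instead of asking
rem /y  overwrite older copies without prompting
xcopy "%~1" "%~2" /s /d /i /y
if errorlevel 1 goto failed
echo Backup finished.
exit /b 0

:usage
echo Usage: %~nx0 source_folder destination_folder
echo Put quotes around any folder name that contains spaces.
exit /b 1

:nosource
echo Source folder not found: "%~f1"
exit /b 2

:samepath
echo Source and destination are the same folder: "%~f1"
exit /b 3

:failed
echo xcopy returned errorlevel %errorlevel%; nothing may have been copied.
exit /b 4
```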