Professional Documents
Culture Documents
CO1508 Computer Systems & Security - Week 13 Windows CMD, Batch Scripting and Some Tricks!
CO1508 Computer Systems & Security - Week 13 Windows CMD, Batch Scripting and Some Tricks!
CO1508 Computer Systems & Security - Week 13 Windows CMD, Batch Scripting and Some Tricks!
Summary
You are going to explore Windows CMD commands and batch scripting. You’ll also
experience some cool tricks in Windows 😊.
Note 1
If, because you don’t administrator privileges on the university’s machine, any of the
following tasks doesn’t work, you can complete it on your machine at home.
Note 2
When you read a question in this lab sheet or asked to write something down, it literally
means that you’ve to answer the question and write it down (hence, the space left under
each request). Show your answers to your tutor when you’re done.
Activities
1. Windows Information
In the lecture, we looked at some advanced system information in Windows using Run
commands. You should try it now yourself.
From Start menu → Type Run → Enter (OR press the Win + R keys on your keyboard). In the
Run window, type services.msc
Try and find the following service “Print Spooler”. What does it do? Can you stop it?
Open the Run window again and type secpol.msc (This might not work on your university
machine) Have a browse and look at the password policy. Is the password history enforced?
What is the maximum password age?
Open the Run window again and type gpedit.msc (This might not work on your university
machine) Have a browse. Can you tell the difference between Computer Configuration and
User Configuration? Does it make a difference if we modify the Logon script on one of them
only? Can you find the Logon/Logoff scripts?
As illustrated in the lecture, some tasks can be done quicker using Windows CMD rather
than GUI. In this section, we’ll go through basic commands.
From Start menu → Type cmd → Enter. You should now have the command prompt
window. Let’s start (you need to record the results of some commands). It is assumed
you’re looking at N:\ (if not, type N: and click Enter)
• Type date (what is the result? Record it here) [just hit Enter to ignore]
• Type time (what is the result? Record it here) [just hit Enter to ignore]
The command dir is used to list directory contents. As you noticed, you can change your
current root directory by typing the name followed by a colon.
The command md is used to create a directory (i.e., folder). Make sure the new directory is
created by using dir then navigate into your new folder by typing cd CO1508
Type cd and click Enter. What happens? What does cd alone do? Write this down.
Try this command now rd Week13 then dir (what happens? What does rd do? Write
this down.
First, re-create Week13 directory within CO1508 and change directory to it. Your working
directory should be N:\CO1508\Week13>
dir C:\Windows\System32\notepad.exe
copy NUL emptyfile.txt (Can you explain what just happens?) Write your explanation
down.
del notepad.exe
notepad test.txt
Write some sentences there (just for testing … anything ☺). Save it and close it.
Move the test.txt file to CO1508 folder using the following command:
Get a copy of test.txt and rename it to test2.txt by typing the following command
Repeat the command with test3.txt and test4.txt so you’ll have three files in Week13 folder.
del *.txt
Let’s try again. Copy three files into Week13 like you did above. This time also copy the
original file test.txt so you’ll have four files (test.txt, test2.txt, test3.txt, test4.txt).
Type the following command del test?.txt (Explain what happens and write it down)
* ? are called wildcards. They can be used to replace full strings (*) or single character (?).
Make sure you’ve a copy of the file test.txt in your folder Week13. Make sure it’s not empty.
Now, type the following command type test.txt test.txt > doubletest.txt
type is also used to view a file and show contents on the command line. If you use the
redirection > then the output will be redirected into a different stream (in the case above, a
new file called doubletest.txt)
Now try help > help.txt (here, you copied the output of help command into a file
called help.txt). View the file using either more or type. What is the difference?
Now try type help.txt | more (here, you piped the output of a command type to
another command more as an input). The pipe symbol helps you to do that.
Special Task
Can you tell how many lines in the file help.txt the word “Displays” is mentioned? If you’re
to do this in normal Windows (i.e., GUI), how can you do it? Write your idea here.
Now, let’s do it CMD style! First, let’s show all lines that contains the word “Displays”
How many lines? It should be 32. If not, you’ve done something wrong and you should
repeat. Ask your tutor for help if you need it.
type help.txt | find /v “” /c (Can you figure out the meaning of the output 98?)
You’re probably thinking now “I have GUI in Windows. Why do I need to learn all this???”
Well, think about a large file of code where you want to check only the lines that mention a
specific variable name (for debugging purposes). Not impressed yet? Okay, let me ask you
the following question: Can you find out how many TCP sessions that are active at the
moment on your PC? You can do that in one line in CMD!
First, you need to use netstat command, which provided information and statistics about
protocols in use and current TCP/IP network connections. Try the command:
netstat -an
where a displays all connections and n displays addresses and port numbers. Now, try this:
The above command should output the number of established connections. Explain how it
was done here.
Remember the fork bomb exercise from last semester? Well, now you’ll learn more about
batch scripting in Windows.
A batch file is used to automate tasks in Windows. It has the extension .bat or .cmd
Windows CMD interprets and executes batch files.
Save and close it. On the command prompt, write firstbat and hit Enter. Open the file
again and remove the first line (@ECHO off). Save and close it. Execute it again. Note what
happened. @ means don’t output the command itself while ECHO off will turn this
property for the entire batch file. However, ECHO off is a command that shouldn’t be
shown. That’s why it’s written as @ECHO off
start mspaint.exe
4.2 Variables
SET can be used to store variable values. Let’s try the following. Open firstbat.bat as usual
and write the following:
@ECHO off
SET /A number=25
Save and close it. Execute now. The parameter /A is used to store an integer.
@ECHO OFF
IF EXIST %input% (
DEL /P %input%
) ELSE (
Save and close it. Execute now. The parameter /P is used to get a value from the user.
:: is used for comments. Pretty sure you can work out the rest ☺ If you’ve any question, ask
your tutor.
Write a batch script that can show time, date and list of the current files in the C:\windows
directory1. Don’t move on before you finish this. Show your work to your tutor.
4. Windows Tricks
On Desktop, right click → New → Folder. Now name it con (if you can ☺)
Why can’t you name a file or a folder con? Search online and write your answer here.
Do you know that you can write 17 pages Word document in 3 seconds ?! Open Word and
create a new empty file.
In the first line, write =rand(255) then hit Enter ☺ See I told ya! Explain what happened
and write it here.
Finally, let’s hide some stuff (No, I’m not talking about making a file hidden!!!)
Open Windows CMD and navigate to your N:\CO1508\Week13 folder again. Type this
command to empty the contents of help.txt file:
1
This link might be helpful for you https://en.wikibooks.org/wiki/Windows_Batch_Scripting
notepad help.txt:mysecrets.txt
Click yes if asked. Now, write few lines (don’t write an actual secret!) Save it and close it.
Using Windows GUI, double click on help.txt and check its contents, it’s empty. Right click on
it → properties. Check the size, it says 0 bytes (ignore the size on the disk). How come?
What about your secret contents? Let’s make sure it’s still there.
notepad help.txt:mysecrets.txt
Yup! Still there. Add more lines, save and close. Any changes on the size in Windows? No.
Practically, you’ve created something called “Alternate Data Streams” which can be used to
hide date on NTFS file systems in Windows. We’ll talk more about this during the lecture
and how this feature can be abused by hackers!
Are you done? Spend the last few minutes of your lab session looking at the latest Windows
OS vulnerabilities. Use Google and write your findings here. This can get you started
https://searchenterprisedesktop.techtarget.com/tip/The-10-most-common-Windows-
security-vulnerabilities
@ECHO OFF
ECHO %time%
ECHO %date%