Page 1 of 10

CO1508 Computer Systems & Security – Week 13

Windows CMD, Batch Scripting and Some Tricks!

Summary
You are going to explore Windows CMD commands and batch scripting. You’ll also
experience some cool tricks in Windows 😊.

Note 1
If, because you don’t administrator privileges on the university’s machine, any of the
following tasks doesn’t work, you can complete it on your machine at home.

Note 2
When you read a question in this lab sheet or asked to write something down, it literally
means that you’ve to answer the question and write it down (hence, the space left under
each request). Show your answers to your tutor when you’re done.

Activities

1. Windows Information

In the lecture, we looked at some advanced system information in Windows using Run
commands. You should try it now yourself.

From Start menu → Type Run → Enter (OR press the Win + R keys on your keyboard). In the
Run window, type services.msc
Try and find the following service “Print Spooler”. What does it do? Can you stop it?

Now, open the Run window again and type compmgmt.msc

Have a browse. Look at the Task Scheduler. What do you think you can do with it? Now,
have a look at the Performance tab. What does Idle time mean for the PhyscialDisk?

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 2 of 10

Open the Run window again and type msinfo32.

Have a browse and open each tab and look inside. Can you find out the Running Tasks?
What about Windows Error Reporting?

Open the Run window again and type secpol.msc (This might not work on your university
machine) Have a browse and look at the password policy. Is the password history enforced?
What is the maximum password age?

Open the Run window again and type gpedit.msc (This might not work on your university
machine) Have a browse. Can you tell the difference between Computer Configuration and
User Configuration? Does it make a difference if we modify the Logon script on one of them
only? Can you find the Logon/Logoff scripts?

2. Windows Command Line (CMD)

As illustrated in the lecture, some tasks can be done quicker using Windows CMD rather
than GUI. In this section, we’ll go through basic commands.

From Start menu → Type cmd → Enter. You should now have the command prompt
window. Let’s start (you need to record the results of some commands). It is assumed
you’re looking at N:\ (if not, type N: and click Enter)

• Type ver (what is the result? Record it here)

• Type hostname (what is the result? Record it here)

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 3 of 10

• Type whoami (what is the result? Record it here)

• Type date (what is the result? Record it here) [just hit Enter to ignore]

• Type time (what is the result? Record it here) [just hit Enter to ignore]

• Type dir (what does this command do? Write it down)

• Type dir /p (what happens now? Write it down)

• Type dir /w (what happens now? Write it down)

• How about typing dir /w /p (what do you think? Write it down)

The command dir is used to list directory contents. As you noticed, you can change your
current root directory by typing the name followed by a colon.

• While on N:\> Type c: hit Enter then type cd c:\windows

The command cd is used to change directory. If you want to go back to the root directory,
type cd \

3.1 Working with directories

Now go back to your N: drive. After that, type md CO1508

The command md is used to create a directory (i.e., folder). Make sure the new directory is
created by using dir then navigate into your new folder by typing cd CO1508

Create a sub-directory called Week13 by typing md Week13

Now change director to Week13 by typing cd Week13

Your working directory should be now N:\>CO1508\Week13>

Type cd and click Enter. What happens? What does cd alone do? Write this down.

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 4 of 10

Let’s go back one level up by typing cd ..

Try this command now rd Week13 then dir (what happens? What does rd do? Write
this down.

3.2 Copying/Moving Files

First, re-create Week13 directory within CO1508 and change directory to it. Your working
directory should be N:\CO1508\Week13>

We will copy the notepad.exe file from c:\windows\system32 to n:\CO1508\Week13. First,

let’s make sure notepad.exe exist there. Type the following command:

dir C:\Windows\System32\notepad.exe

Now, type the following

copy C:\Windows\System32\notepad.exe N:\CO1508\Week13

Make sure it’s copied (use dir command).

Let’s create an empty text file. Type the following command:

copy NUL emptyfile.txt (Can you explain what just happens?) Write your explanation

down.

Let’s rename it now. Type the following command

ren emptyfile.txt test.txt

Let’s delete notepad.exe now. Type the following command

del notepad.exe

Type the following command to edit text.txt file

notepad test.txt

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 5 of 10

Write some sentences there (just for testing … anything ☺). Save it and close it.

Move the test.txt file to CO1508 folder using the following command:

move test.txt N:\CO1508

In GUI terms, move means cut and paste.

Get a copy of test.txt and rename it to test2.txt by typing the following command

copy N:\CO1508\test.txt test2.txt

Repeat the command with test3.txt and test4.txt so you’ll have three files in Week13 folder.

Let’s delete them all

del *.txt

What do you think * do? Write your explanation here.

Let’s try again. Copy three files into Week13 like you did above. This time also copy the
original file test.txt so you’ll have four files (test.txt, test2.txt, test3.txt, test4.txt).

Type the following command del test?.txt (Explain what happens and write it down)

* ? are called wildcards. They can be used to replace full strings (*) or single character (?).

Read the following page https://kb.iu.edu/d/ahsf

3.3 Viewing a file and Pipes/Redirection

Make sure you’ve a copy of the file test.txt in your folder Week13. Make sure it’s not empty.

Type the following command to view the contents more test.txt

Now, type the following command type test.txt test.txt > doubletest.txt

View doubletest.txt file and explain what happened.

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 6 of 10

Now try type doubletest.txt (Explain what happened)

type is also used to view a file and show contents on the command line. If you use the
redirection > then the output will be redirected into a different stream (in the case above, a
new file called doubletest.txt)

Now try help > help.txt (here, you copied the output of help command into a file
called help.txt). View the file using either more or type. What is the difference?

Now try type help.txt | more (here, you piped the output of a command type to
another command more as an input). The pipe symbol helps you to do that.

Special Task

Can you tell how many lines in the file help.txt the word “Displays” is mentioned? If you’re
to do this in normal Windows (i.e., GUI), how can you do it? Write your idea here.

Now, let’s do it CMD style! First, let’s show all lines that contains the word “Displays”

type help.txt | find /i “Displays”

Cool, let’s count them now

type help.txt | find /i “Displays” /c

How many lines? It should be 32. If not, you’ve done something wrong and you should
repeat. Ask your tutor for help if you need it.

Let’s try this

type help.txt | find /v “” /c (Can you figure out the meaning of the output 98?)

Write your explanation here.

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 7 of 10

You’re probably thinking now “I have GUI in Windows. Why do I need to learn all this???”
Well, think about a large file of code where you want to check only the lines that mention a
specific variable name (for debugging purposes). Not impressed yet? Okay, let me ask you
the following question: Can you find out how many TCP sessions that are active at the
moment on your PC? You can do that in one line in CMD!

First, you need to use netstat command, which provided information and statistics about
protocols in use and current TCP/IP network connections. Try the command:

netstat -an

where a displays all connections and n displays addresses and port numbers. Now, try this:

netstat -an | find /i “estab” /c

The above command should output the number of established connections. Explain how it
was done here.

3. Windows Batch Scripting

Remember the fork bomb exercise from last semester? Well, now you’ll learn more about
batch scripting in Windows.
A batch file is used to automate tasks in Windows. It has the extension .bat or .cmd
Windows CMD interprets and executes batch files.

4.1 Hello World!

From your command prompt N:\CO1508\Week13>, issue the following command

notepad firstbat.bat

Now, write the following in the new file

@ECHO off

ECHO Hello World!

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 8 of 10

Save and close it. On the command prompt, write firstbat and hit Enter. Open the file
again and remove the first line (@ECHO off). Save and close it. Execute it again. Note what
happened. @ means don’t output the command itself while ECHO off will turn this
property for the entire batch file. However, ECHO off is a command that shouldn’t be
shown. That’s why it’s written as @ECHO off

Open the firstbat.bat again and write the following

@ECHO off

ECHO Hello World!

start mspaint.exe

Save and close it. Execute now. Paint should start.

4.2 Variables

SET can be used to store variable values. Let’s try the following. Open firstbat.bat as usual
and write the following:
@ECHO off

SET name=Mark Smith

SET /A number=25

ECHO %name% is %number% years old

Save and close it. Execute now. The parameter /A is used to store an integer.

4.3 Input and Condition Statement

Open firstbat.bat again and write the following:

@ECHO OFF

::Prompt for input.

SET /P input=Enter filename to delete:

IF EXIST %input% (

DEL /P %input%

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 9 of 10

) ELSE (

ECHO ERROR: %input% cannot be found in this folder!

Save and close it. Execute now. The parameter /P is used to get a value from the user.
:: is used for comments. Pretty sure you can work out the rest ☺ If you’ve any question, ask
your tutor.

4.4 Your task

Write a batch script that can show time, date and list of the current files in the C:\windows
directory1. Don’t move on before you finish this. Show your work to your tutor.

4. Windows Tricks

On Desktop, right click → New → Folder. Now name it con (if you can ☺)

Why can’t you name a file or a folder con? Search online and write your answer here.

Do you know that you can write 17 pages Word document in 3 seconds ?! Open Word and
create a new empty file.

In the first line, write =rand(255) then hit Enter ☺ See I told ya! Explain what happened
and write it here.

Finally, let’s hide some stuff (No, I’m not talking about making a file hidden!!!)

Open Windows CMD and navigate to your N:\CO1508\Week13 folder again. Type this
command to empty the contents of help.txt file:

copy nul help.txt

1
This link might be helpful for you https://en.wikibooks.org/wiki/Windows_Batch_Scripting

CO1508 Computer Systems and Security, UCLAN – 2019-2020

 Page 10 of 10

click yes to overwrite. Then type this:

notepad help.txt:mysecrets.txt

Click yes if asked. Now, write few lines (don’t write an actual secret!) Save it and close it.

Using Windows GUI, double click on help.txt and check its contents, it’s empty. Right click on
it → properties. Check the size, it says 0 bytes (ignore the size on the disk). How come?
What about your secret contents? Let’s make sure it’s still there.

notepad help.txt:mysecrets.txt

Yup! Still there. Add more lines, save and close. Any changes on the size in Windows? No.

Practically, you’ve created something called “Alternate Data Streams” which can be used to
hide date on NTFS file systems in Windows. We’ll talk more about this during the lecture
and how this feature can be abused by hackers!

5. Extra Task: Recent Windows OS Vulnerabilities

Are you done? Spend the last few minutes of your lab session looking at the latest Windows
OS vulnerabilities. Use Google and write your findings here. This can get you started
https://searchenterprisedesktop.techtarget.com/tip/The-10-most-common-Windows-
security-vulnerabilities

Batch script solution

@ECHO OFF

ECHO %time%

ECHO %date%

dir c:\windows | more

CO1508 Computer Systems and Security, UCLAN – 2019-2020