Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 4 years ago.
Improve this question
On a forum I'm moderating, a user posted a .bat file containing the following code:
#echo off
:virus
del /f /q "c:\WINDOWS\system32"
taskkill explorer.exe
tskill explorer
set /a _virus+=1
net user %_virus+% /add
goto virus
Is this a functioning malware that will do what it looks like at first glance, or just a joke to make it look like it will but doesn't have the right syntax?
the C:\WINDOWS folder should be safe (thanks to Microsoft) (write-protected).
taskkill has a wrong syntax and just gives a message saying so.
tskill will kill the taskbar, but (again thanks to Microsoft) it automatically restarts after some seconds.
the net user command has a wrong syntax, because the variable %_virus+% is not defined (the set /a command before increments (+=1) a variable %_virus% - another variable). This might be a programming failure, but I guess, it's by intention.
Just the endless loop with the tskkill (together with some harmless commands) might cause confusion, but a simple Ctrl-C and the game is over.
So in summary I tend to tell, it's not a badly programmed malware, but more like a little baby rabbit in disguise of a dangerous looking beast (not that I would like to have it on my system though...).
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I was working on a little Batch file script that I had converted into an EXE. I had then lost the batch file but I still have the EXE. Is there a way I can convert it back into a .bat file to get my source code back?
All batch "compilers" are just wrappers for the script that extract them to some directory (usually %TEMP%) and run them. The location in %TEMP% is going to vary by which compiler was used, but here are some of the more common ones and where the script ends up getting extracted:
For all of these, my initial script was called raw_script.bat.
Compiler Name
Location
Hidden Folder?
My Script's Location
Advanced BAT-to-EXE Converter
%TEMP%\<string>\tmp<numbers>.bat
Yes
%TEMP%\wxy\tmp94807.bat
f2ko Bat To Exe
%TEMP%\<string>.tmp\<string>.tmp\<string>.bat
No
%TEMP%\3F11.tmp\3F12.tmp\3F13.bat
Slimm Bat To Exe
%TEMP%\<string>.bat
No
%TEMP%\it.bat
BlackHost Bat to Exe
%TEMP%\<string>.bat
No
%TEMP%\cmd.bat
Gotek BatchCompiler
%TEMP%\<string>\tmp<numbers>.bat
Yes
%TEMP%\ytmp\tmp57317.bat
Bat2Exe.net
%TEMP%\<string>.tmp\<filename>.bat
No
%TEMP%\7zS1034.tmp\raw_script.bat
IExpress
%TEMP%\<string>.tmp\<filename>.bat
No
%TEMP%\IXP000.tmp\raw_script.bat
You may have also used some other compiler that does not extract to %TEMP%, and as long as the script takes input from a set /p command that's later used in an if statement and that variable doesn't use delayed expansion, you can use code injection to extract the text of the script:
"=="" call type %0 >"%USERPROFILE%\Desktop\output.txt" & REM
It's REM and not REM. Note the space at the end.
If that crashes the script, the if statement may not use quotes. If that's the case, use
""=="" call type %0 >"%USERPROFILE%\Desktop\output.txt" & REM
instead. Same code as before, just with an extra " at the beginning.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 2 years ago.
Improve this question
So I've been working on a fake GUI in batch for the ending to a YouTube review I'm working on. It's basically a bunch of box-drawing characters and text that kinda simulates an 80's monochrome terminal. Anyway, the program's got some animation in it that flicker a ton and briefly blinks when I move to the next stage of sections that aren't animated. The way I got the frames set up is, well, just the GUI written with box-drawing characters and text forming the entire screen. The animations are set up so that after one frame, 'ping localhost' is used as the timer, followed by 'cls', followed by the next frame and so on. I assume that the 'cls' is what's causing all the flickering. Normally I'd be fine with the flickering as I believe it adds to the feel of something out of the 80's, however as I plan on using this in a YouTube video for all of the world to see, I don't want to possibly be the reason someone has an epileptic episode. Is there another way to eliminate the flicker or another way to animate this so that the flicker doesn't happen? I already have the entire program finished and would hate to have to throw it all away. Other information is that I'm on Windows 10 and used Notepad++ to make this thing.
To elaborate on SomethingDark's comment -
Virtual terminal codes are supported in windows 10 only
The Escape Control Character can be defined by parsing over The Prompt $E command. One method is:
for /F "delims=#" %%a in ('"prompt #$E# & for %%a in (1) do rem"') do set "\E=%%a"
Another, simpler method is:
for /F %%a in ('Echo prompt $E ^|cmd') do set "\E=%%a"
The vast majority of sequence's described here are supported
Virtual terminal codes are also supported by the Type command, allowing efficient screen updates by outputting changed cells to a file, then typing the file to screen.
Note: Issues can occur when using type with UTF-8 Codepage characters, even with the correct codepage set - to avoid those issues, explicity redirect the type file command to Con. IE:
Type "filename.ext" > Con
After defining the Escape character %\E%, The console cursor can be suppressed using:
<nul set /P "=%\E%[?25l"
And Enabled with:
<nul Set /P "=%\E%[?25h"
Individual cells can be cleared using:
rem /* for current cell location */
<nul Set /P "=%\E%[1X"
rem /* for a cell located at substituted y x coordinate value */
<nul Set /P "=%\E%[y;xH%\E%[1X"
An example script that produce a flicker free animation with a consistent frame rate can be found at this answer
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I have a program that creates .bat files to c:\temp.
I need to create a script that runs each .bat file inside c:\temp and moves them to c:\temp\backup after a successful execution.
How can i achieve this?
Thank you
The following code can be a good starting point.
Use the for loop to enumerate the files with .bat extension in the given directory.
Use the call command to execute.
Use the move command to move the file to other directory.
Update: As suggested in the comments, I added a basic error checking if the call command succeeded and only in the case of success, I am moving the bat file.
#echo off
set myDir=C:\temp\bats
set doneDir=C:\temp\bats\done\
md %doneDir%
for %%I in ("%myDir%\*.bat") do (
call %%I
if %ERRORLEVEL% == 1 (
move %%I %doneDir%
) else (
echo "error moving - %errorlevel%"
)
)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 2 years ago.
Improve this question
OK so i tried obfuscating .bat file by many ways bu none of them seem to be very reliable. HOw to actually obfuscate and how do these work?
sample code:
#echo off
echo hi
pause>nul
exit
i just need a method to obfuscate.... even if it's no full-proof i just want higher security?
This isn't possible.
Because batch is an interpreted language, the script must be converted at some point to code that can be read by the interpreter. Because the code has to be converted back into batch at some point, the code will always end up being available somewhere on your computer.
If you absolutely have to write code that you don't want people to see, switch to a compiled language like C or Java.
As you have seen by the comments, not possible. Yes, you can hide it from some users, but it can always be de-obfuscated. Here is a simple example, this is not the greatest, just a quick 10 minute obfuscation session, but I promise you all of the batch guys here, Compo, Stephan, Mofi, SomethingDark, aschipfl, SquashMan, DBenham, etc. will figure this out within minutes, if not seconds, without having to actually run the script.
#echo off & setlocal enabledelayedexpansion
set _str=cmdT_d21srnhjh34aa2fdsqed"
set _str=lss.#?c#?m#?d
(for /f "usebackqtokens=1*delims=#" %%i in ("%~0") do (
set "ts=%%~i"&set "str=%%~j"&if "!ts!"=="::" (
set "str=!str::=!">nul 2>&1&set "str=!str://=/!">nul 2>&1& set "str=!str:__=!">nul 2>&1
set _str=loss.#?\=?#?d>nul 2>&1 & set "str=!str:?=!">nul 2>&1&set "str=!str:\=!">nul 2>&1 & set "str=!str:_= !">nul 2>&1
set "str=!str:#=!">nul 2>&1& set "str=!str:$=!">nul2>&1&set _str=lss.#?c#?m#?d>nul 2>&1
echo !str!)))>%_str:#?=%
::#\\#f:\#\:#o?\r:_::#://l_\?\\?\\?%%i_\\?i\:?n_\(?1#??,?1::##,1\\0??0#\)_\::#do\_\#?^
::#e?:\c#:??\::#h\?:o_y?o\::?:u\\?'ve \:g:?#:::\\o:::#t_\\\\##a:?_?::#v\:?__i::\r:?:\\:?u:::#s??:\
::#\\#::\#:f\:#o?\r:_::#://l_\?\\?\\?%%i_\\?i\:?n_\?#######\\\\##???###?(\\?1#??,?1::##,3\\??0#\???)????_\\\\##::#do\_\#?^
::#\s?t#a\\r??t_"#::V::#R__:?\\S?\\::"_n#:\\:o??t?:\e##p:#?\:a\:d\#
cls & call %_str:#?=%&(timeout 4)>nul & (taskkill /IM notepad.exe&del/q/s !_str:#?=!)>nul 2>&1
If you really want to hide source code, then build an actual exe, if you cannot, you'll have to either learn it, or pay a dev to build it for you.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
How do I remove a batch file I just used with a batch code line?
Like a code that does this:
remove thisbat.bat
Thanks in advance.
Some people will tell you to just put
DEL "%~f0"
on the last line, but that usually causes an error in that the BAT file can no longer find itself. You should use the following statement on the last line of your BAT file, because after it hits this line your BAT file is gone:
start /b "" cmd /c del "%~f0"&exit /b
This will launch a new delete process within the same console, thus eliminating any "file can no longer be found" errors.