Any Goog Batch Scripters In here?

tstrip007tstrip007 Posts: 306Member ■■■■□□□□□□
Im trying to put together a simple batch script that creates an entry in the registry. I would like the script to check to see if it exists, if it doesnt, it adds it and if it does exists the command closes. This is what Ive got but it doesnt work, is adds the reg, but when i test it again it asks me if I wont to add it again. Any help would be appreciated.

if exist "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule" goto End
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 2

:End
cls
exit

Comments

  • tstrip007tstrip007 Posts: 306Member ■■■■□□□□□□
    Thats Good* not goog, lol
  • tstrip007tstrip007 Posts: 306Member ■■■■□□□□□□
    ugh looks like i can add a /f at the end to force overwrite but if there's a better way. I'm all ears.
  • wd40wd40 Senior Member Posts: 983Member ■■■■□□□□□□
  • gespensterngespenstern Posts: 1,243Member ■■■■■■■□□□
    :: by gespenstern @ TE 2018 for tstrip007

    :: first we establish if there's an entry.
    :: the next command will set %errorlevel% variable to 0 if
    :: successful (i.e. the entry exists) or 1 (or anything
    :: besides 0) if unsuccessful (we assume no entry)

    reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule

    :: checking errorlevel variable if the query has failed
    :: and if so create an entry

    if %errorlevel% EQU 0 goto end else (
    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 1
    )

    :end
  • blargoeblargoe Posts: 4,165Member ■■■■■■■■■□
    Why not Powershell?


    $path = "HKLM:SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule"
    $name = "AssumeUDPEncapsulationContextOnSendRule"
    $value = 1

    if (test-path $path -ne $true) {
    new-item -path $path -name $name
    set-itemproperty -path $path -name $name -value $value -propertytype dword
    }
    IT guy since 12/00

    Recent: 1/29/2018 - Passed 70-743 - MCSA 2016 Complete; 1/13/2018 - Passed 70-411 - MCSA 2012 complete
    Working on: Being a better coder, build/test/deploy automation fundamentals
    Future: Renew VCP (due 2/2019), possibly with an adjacent VCP or VCAP
  • JoJoCal19JoJoCal19 California Kid Posts: 2,745Mod Mod
    I second what blargoe said, why not look into Powershell? I had been trying to do some batch scripting about two years back and it seemed like I found a bunch more resources in Powershell for doing the same thing I was trying to learn. I ended up creating a mostly working PS script instead. If I remember correctly, you can even tie in old cmd script commands into PS. Also, it seems PS commands end up being more simple and easier to learn and remember.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, Pentesting
    Next Up:​ eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python)
  • gespensterngespenstern Posts: 1,243Member ■■■■■■■□□□
    Just to give some ideas, why sometimes it's not PS.

    1. There could be Windows 2003 servers or XP/Vista workstations without WMF installed (no PS).
    2. PS could be disabled enterprise-wide for security reasons (had some clients with that).
    3. WinRM could be disabled/not configured which makes using PS remotely a problem, while RPC is open almost everywhere, so tools like psexec, paexec, smbexec, winexe work fine (and they have issues with PS).
    4. From offensive perspective, modern PS became VERY visible and transparent.
Sign In or Register to comment.