Any Goog Batch Scripters In here?

tstrip007 · January 2018

Im trying to put together a simple batch script that creates an entry in the registry. I would like the script to check to see if it exists, if it doesnt, it adds it and if it does exists the command closes. This is what Ive got but it doesnt work, is adds the reg, but when i test it again it asks me if I wont to add it again. Any help would be appreciated.

if exist "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule" goto End
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 2

:End
cls
exit

tstrip007 · January 2018

Thats Good* not goog, lol

tstrip007 · January 2018

ugh looks like i can add a /f at the end to force overwrite but if there's a better way. I'm all ears.

wd40 · January 2018

I don't think if exist works like this in a batch file.

I am not an expert but I "googled it"

Take a look at reg query

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc742028(v=ws.11)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc732643(v%3dws.11)

gespenstern · January 2018

:: by gespenstern @ TE 2018 for tstrip007

:: first we establish if there's an entry.
:: the next command will set %errorlevel% variable to 0 if
:: successful (i.e. the entry exists) or 1 (or anything
:: besides 0) if unsuccessful (we assume no entry)

reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule

:: checking errorlevel variable if the query has failed
:: and if so create an entry

if %errorlevel% EQU 0 goto end else (
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 1
)

:end

blargoe · January 2018

Why not Powershell?

$path = "HKLM:SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule"
$name = "AssumeUDPEncapsulationContextOnSendRule"
$value = 1

if (test-path $path -ne $true) {
new-item -path $path -name $name
set-itemproperty -path $path -name $name -value $value -propertytype dword
}

JoJoCal19 · January 2018

I second what blargoe said, why not look into Powershell? I had been trying to do some batch scripting about two years back and it seemed like I found a bunch more resources in Powershell for doing the same thing I was trying to learn. I ended up creating a mostly working PS script instead. If I remember correctly, you can even tie in old cmd script commands into PS. Also, it seems PS commands end up being more simple and easier to learn and remember.

gespenstern · January 2018

Just to give some ideas, why sometimes it's not PS.

1. There could be Windows 2003 servers or XP/Vista workstations without WMF installed (no PS).
2. PS could be disabled enterprise-wide for security reasons (had some clients with that).
3. WinRM could be disabled/not configured which makes using PS remotely a problem, while RPC is open almost everywhere, so tools like psexec, paexec, smbexec, winexe work fine (and they have issues with PS).
4. From offensive perspective, modern PS became VERY visible and transparent.

Any Goog Batch Scripters In here?

Comments