Any Goog Batch Scripters In here?

tstrip007tstrip007 Member Posts: 308 ■■■■□□□□□□
Im trying to put together a simple batch script that creates an entry in the registry. I would like the script to check to see if it exists, if it doesnt, it adds it and if it does exists the command closes. This is what Ive got but it doesnt work, is adds the reg, but when i test it again it asks me if I wont to add it again. Any help would be appreciated.

if exist "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule" goto End
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent" /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 2



  • tstrip007tstrip007 Member Posts: 308 ■■■■□□□□□□
    Thats Good* not goog, lol
  • tstrip007tstrip007 Member Posts: 308 ■■■■□□□□□□
    ugh looks like i can add a /f at the end to force overwrite but if there's a better way. I'm all ears.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    :: by gespenstern @ TE 2018 for tstrip007

    :: first we establish if there's an entry.
    :: the next command will set %errorlevel% variable to 0 if
    :: successful (i.e. the entry exists) or 1 (or anything
    :: besides 0) if unsuccessful (we assume no entry)

    reg query HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule

    :: checking errorlevel variable if the query has failed
    :: and if so create an entry

    if %errorlevel% EQU 0 goto end else (
    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 1

  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    Why not Powershell?

    $path = "HKLM:SYSTEM\CurrentControlSet\Services\PolicyAgent\AssumeUDPEncapsulationContextOnSendRule"
    $name = "AssumeUDPEncapsulationContextOnSendRule"
    $value = 1

    if (test-path $path -ne $true) {
    new-item -path $path -name $name
    set-itemproperty -path $path -name $name -value $value -propertytype dword
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    I second what blargoe said, why not look into Powershell? I had been trying to do some batch scripting about two years back and it seemed like I found a bunch more resources in Powershell for doing the same thing I was trying to learn. I ended up creating a mostly working PS script instead. If I remember correctly, you can even tie in old cmd script commands into PS. Also, it seems PS commands end up being more simple and easier to learn and remember.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Just to give some ideas, why sometimes it's not PS.

    1. There could be Windows 2003 servers or XP/Vista workstations without WMF installed (no PS).
    2. PS could be disabled enterprise-wide for security reasons (had some clients with that).
    3. WinRM could be disabled/not configured which makes using PS remotely a problem, while RPC is open almost everywhere, so tools like psexec, paexec, smbexec, winexe work fine (and they have issues with PS).
    4. From offensive perspective, modern PS became VERY visible and transparent.
Sign In or Register to comment.