batch file programming

March 15, 2009 at 09:47:33
Specs: Windows XP
How do you have a batch file (xp) read another batch file and search for specific commands/text?

i am trying to create a script from preventing users from opening the command prompt using the ever-popular batch file:


i would make the batch file the system default for opening batch files, so when a user executed the batch file, it opened the script i made, checked the file for the line "COMMAND.COM", and if it found it, prevented execution.

or if you have a better way to do this that would be great

-thanks, nathan

March 15, 2009 at 10:38:35 isn't a batch file, it a programme. is what is know as a command interpreter. It is a throw back to DOS where had to be running for the system to do anything. has to be running in order to execute any batch file. By the time a user runs your batch file, is loaded and running

If you want to prevent user from using the Run command you can disable it in Windows XP Professional. I'm not sure you can do that in Windows XP Home though.


March 15, 2009 at 15:47:47
what i meant was there is a way around the blocking of use of
the command prompt by going into notepad, typing
COMMAND.COM, saving it as a batch file, and executing it.
this brings up the command prompt wether the user is allowed
to or not.

March 15, 2009 at 21:44:47
if you want to block user from accessing command prompt, i know a way to do it from registry.

and there is a command to modify registry from command prompt, but i think it will only take effect until next restart.

March 16, 2009 at 04:50:34
well yes, the registry does technically block the use of the command prompt, but there is still a very simple way of getting around that (mentioned above). that's why im trying to write a script to block this work-around.

March 16, 2009 at 05:47:13
are you sure??


double click, and then cmd window pop up:

The command prompt has been disabled by your administrator.

Press any key to continue . . .

then i goto RUN, and type, it does show up the window, but no command can be executed.

Microsoft(R) Windows DOS
(C)Copyright Microsoft Corp 1990-2001.


The command prompt has been disabled by your administrator.

Press any key to continue . . .

or if you want to use a script as your default shell execute:
assuming you have set the shell to script.cmd "%1" %*

type "%~1"|find/i "" && taskkill/im "cmd.exe" || %comspec% /k "%~1"

when i tested it out, if i rename script.cmd to script.bat, it goes into infinite loop.
i think you can get around by creating a new extension and cmd.exe as the shell.

March 19, 2009 at 16:14:21
what service pack are you using? in xp im assuming.
microsoft might have fixed the problem.

and judging by the last script you posted, you are decades
ahead of me in anything to do with batch files

the problem is that it's a major hole that is exploited on the
computers at my school. im trying to find a way to close it for
my own knowledge, and maybe even to help the school,
because it's ridiculous how many people use this work-around

March 20, 2009 at 04:48:27
This is probably an obvious question but with the registry edit do you have the value of DisableCMD set to 1 or 2?

I can get (but not cmd.exe) to work as mentioned above when the value is 2(on xp home sp3), but not when the value is 1. The value 2 allows batch files to execute but no command prompt, the value of 1 allows neither.

