3 Things You Didn't Know about Windows Command Prompt

  Рет қаралды 96,331

John Hammond

John Hammond

Күн бұрын

Пікірлер: 157
@elandrildoendur1579
@elandrildoendur1579 Жыл бұрын
The reason for this behavior is a long standing limitation in Windows on how the pipes work. When you start a command prompt (cmd.exe) in Windows it needs to connect to its input and output pipes with the host window (conhost.exe), so that you can see and interact with the command prompt. Unfortunately in Windows a pipe can only be connected exactly once - in this case to the conhost Window. Therefore the input & output pipes of the command line interpreter cannot be piped or redirected anymore. So when you start a command that gets piped or redirected the command line interpreter has to start this in a sub-shell (via COMSPEC) to be able to construct the pipe/redirection. Technically this would not be needed if the first command of the pipe was an executable file (and not an cmd-internal command), but the shell uses the COMSPEC sub-shell anyway (maybe for consistency reasons). An additional execution of COMSPEC happens for each cmd-internal command along the pipe.
@Patrik6920
@Patrik6920 Жыл бұрын
interesting... i wouner what happends if u do [set COMSPEC="cmd.exe(pipesign)cmd.exe"]... an endless loop?, or maby an loop that ends when some calling stack is full? ... maby someone could try this? or maby [set COMSPEC="cmd.exe >(pipesign)notepad.exe(pipesign)notepad.exe"]? sounds like the behaviour would be rly odd.... maby each cmd has its own stack?
@konfushon
@konfushon Жыл бұрын
seeing John Hammnod executing Linux commands like (CTRL L and clear) while in Windows is kinda funny to me 😂😂..shows how much time he spends on the Linux World
@jimo8486
@jimo8486 Жыл бұрын
yee
@Omena0
@Omena0 Жыл бұрын
Windows is werid when ls doesent work
@brighthades5968
@brighthades5968 Жыл бұрын
clear is a powershell cmdlet
@ThisGuyDakota
@ThisGuyDakota Жыл бұрын
@BrightHades5968 technically an alias for clear-host. But the alias is made to be friendly for linux users. Another example is "ls" which is one of the aliases for get-childitem
@BrknSoul
@BrknSoul Жыл бұрын
Also, he seems to needlessly reinvoke his SET command every time he runs CLS. It's just clearing the screen, not running a new instance of CMD!
@DutchRider
@DutchRider Жыл бұрын
This 8191 limitation is not specific to the command prompt, but rather it is a limitation of the Windows API function GetCommandLineW, which is used by the command prompt to retrieve the command line. The GetCommandLineW function returns a pointer to the command line string, which is stored in a buffer. The size of the buffer is 8192 characters, and the last character is reserved for the null terminator, so that's why..
@drescherjm
@drescherjm Жыл бұрын
As a software engineer this has caused me problems building some opensource c++ code with very long filenames in deeply nested paths. The workaround for one project was that I had to use the subst command map a drive letter to a path to shorten it enough for the build to succeed. It was so frustrating to me that this still existed in 20XX.
@DutchRider
@DutchRider Жыл бұрын
@@drescherjm just use the \\?\ prefix and be done with it.
@drescherjm
@drescherjm Жыл бұрын
@@DutchRider Thankfully I build the two problematic libraries in a different way now using vcpkg and don't have the issue. With that said I am not sure if the build tools (CMake and QMake) would allow for UNC paths. I have never tried that.
@crankMiHoffer
@crankMiHoffer Жыл бұрын
durrp
@ackzero5972
@ackzero5972 Жыл бұрын
The double firing of calc is likely because the commands you are executing are internal commands to CMD. So the Windows Subsystem likely still knows those commands can be executed and the COMSPEC is what needs to be ran to execute. However, with you having it set to Calc.exe it fires that twice...the weirdness that is windows. Great content though.
@eidodk
@eidodk Жыл бұрын
It's the | char ..... That's the "pipe" command ... There's literally two commands on that one line.
@sebastianzander87
@sebastianzander87 Жыл бұрын
@@eidodk no not the pipe itself, it's like AckZero wrote: it's the internal commands of CMD. type, dir and echo are internal commands, whereas clip and whoami are external commands (standalone programs or scripts). You can see in the video that calc.exe isn't run twice when John piped into clip and whoami.
@tylercoombs1
@tylercoombs1 Жыл бұрын
@@eidodk Yeah exactly when you string commands together with pipe it executes one command at a time
@ThisGuyDakota
@ThisGuyDakota Жыл бұрын
FYI, you can use terminal to handle both powershell and command prompt sessions. You just need to hit the little "down" arrow next to the new tab and select command prompt.
@ThisGuyDakota
@ThisGuyDakota Жыл бұрын
Kind of forgot, but you can also split the pane within each tab. Just right-click the tab and click split pane. Just thought I'd share that bit too. Both methods would probably help keep things smooth when you're recording 👍 In any case, really cool stuff covered here. I think I learned more than 3 things though lol I didn't know set on its own would display the environment variables
@4_real_bruh
@4_real_bruh Жыл бұрын
You can also switch shells on-the-fly same as in Linux: PS currentPath> cmd currentPath> wsl /currentPath>exit currentPath> exit PS currentPath>
@AGLubang
@AGLubang Жыл бұрын
This bring memories. I am cursed that Batch file is my first "programming language" (if you want to call it that hahaha). To remove quotes in notepad, for SET command, you should either 1) remove quotes and spaces between equals, as in SET comspec=notepad , because everything after the space after SET is part of the first argument. For example, typing SET comspec = notepad (note the spaces) DOESN'T assign "notepad" to %comspec%, but assign " notepad" to %comspec % (note again the spaces)! The 2) is to put quotes in the whole first argument like SET "=" (again no space between equals). This emphasizes the first argument thingy, and this is how I do it because it looks clearer than 1). In ECHO command, quotes will be part of the string to be displayed. I prefer writing ECHO this way: ECHO(. I put parenthesis so that even if is empty, it just displays new line. Some people use ECHO: (colon instead of parenthesis), but I just prefer parenthesis. The comspec thing is new to me, but I am not suprised. CMD is full of bugs like this. Maybe I'll explore a bit on this.
@maxmuster7003
@maxmuster7003 Жыл бұрын
test.bat "String" echo DB "%1", FF>>tmp.deb debugoutput.txt The output of a attached string into a memory location from a batch file using debug in DOS have no quote bytes.
@drygordspellweaver8761
@drygordspellweaver8761 Жыл бұрын
the good part starts at 25:55
@JeffNoel
@JeffNoel Жыл бұрын
Gotta love Windows content! Didn't know about the comspec variable and I can see this being used in a penetration testing setting for several things..
@sarainiaangelsong440
@sarainiaangelsong440 Жыл бұрын
Yup gotta keep Windows and top security companies always on their toes huh lols 😆 always vulnerabilities and penetrations for them to constantly forever keep patching out or working around always. Glad this kind of stuff goes online so Windows and the like can see what's going on under the hood, cuz I bet there is alot that goes unseen/unuploaded/unshared and are kept as potential 0 Days. Tbh I think Windows needs to rework more than just this, they need a new design cuz Windows 7 was my last fave OS version and then it got all weird with the new stuff.
@rolanddunbar5403
@rolanddunbar5403 Жыл бұрын
Yo Bro I love your videos!!! I try and follow along sometimes and rewatch and pause and go along and it is always a super fun trip everytime!!! I have just build my first computer last year and I am having a blast learning all this stuff...Thank you!!
@luketurner314
@luketurner314 Жыл бұрын
The next time you need a "random" port for something, use 8191 as a callback to this. Like, 'nc -nlvp 8191'
@umutbitlisli5126
@umutbitlisli5126 Жыл бұрын
Brings back memories. Wondering if the code written fails due to certain delimiters being inadvertently evoked. If you have two commands with different extensions “.com” vs “.exe” . “.com” wins. Also wondering if there’s an option to “call” versus run. I have very little experience in the new environments but wondered if that could be helpful.
@slacker1
@slacker1 Жыл бұрын
8,191 characters...got it... Scratch 8,191 characters off Bucket List...
@nerdynerd1024
@nerdynerd1024 Жыл бұрын
And the notepad thing, I think that is explainable as well. Notepad can take an input. The calculator can't. That means that when terminal gives notepad the commands, notepad thinks that it is a path to a file to open. It isn't. And so notepad is saying, "I can't find this file! I don't even think this is the path to a file!"
@chrishartley1210
@chrishartley1210 Жыл бұрын
No! COMSPEC is a path to the command to be interpreted, NOT a path plus a variable to be passed to that command. Notepad isn't saying "I can't find this file", windows is saying "I cant find a file called 'notepad test.txt'".
@rtzgf67games7
@rtzgf67games7 Жыл бұрын
I think it runs the calc.exe, because the | has to be dealt with by cmd. I also tried it with the && and it works the same, but let's say I make a simple C++ program that outputs hi, then I write echo "test" && prog.exe , that would result in outputting "test", hi and also running the calculator. C:\Users\\OneDrive\Desktop\test>echo "test" && test3.exe "test" hi (the command above also runs the calc.exe as mentioned in my comment)
@rtzgf67games7
@rtzgf67games7 Жыл бұрын
@user-rb5we8ms4m Hell yeah! Oh wait... it's a scam.. what a shame
@LytleSmith
@LytleSmith 18 күн бұрын
Echo, Dir, and Type are all what's known as internal commands that are basically sub commands built into the CMD executable.
@trainwreck1827
@trainwreck1827 Жыл бұрын
What if you made a .cmd file (or bat file, whatever) and set that as COMSPEC? You can tell the bat file to ignore those few switches up front. When you run your pipe command, it executes the bat file and ignores the crud. Might work
@lennyaltamura2009
@lennyaltamura2009 Жыл бұрын
I have seen an old vulnerability with older versions of windows, where you could pipe and redirect procedure calls through Wordpad + the font functions to execute malicious code. It works similarly to what you are attempting to do with com spec. I find this interesting. You can find a vulnerability here. You will need a hex editor, though, not the proc monitor. I don't think cmd.exe runs in protected memory by default. I see your logic here. But Dutch Rider is correct about the 8192; it's a buffer size, not the actual pointer or memory address. I wonder if you can run a command line argument within the API call to retrieve variables outside its defined scope. That would be cool.
@darkdagger032
@darkdagger032 Жыл бұрын
This is pure gold
@raunaksaigal8925
@raunaksaigal8925 Жыл бұрын
Never could have known that something this cool exists had you not pointed it out...Awesome
@lonerez
@lonerez Жыл бұрын
The only method I found to use this is simply pass some arguments to another batch file. Like this: Batch File: @echo off set arg=%~4 if defined arg echo Working! Detected arg is %arg% Command Line: set COMSPEC= break|echo " " not that much gamebreaking but kinda cool
@andreasrothenhauser5352
@andreasrothenhauser5352 Жыл бұрын
You owe me one fact about the Windows command prompt, since I knew the one with the maximum length already (we were trying to abuse commands for file transfer a few weeks back). ;)
@brandonhough4623
@brandonhough4623 Жыл бұрын
I did not know you were involved in the Cyberforce competition! I've done it on the blue and red team side!
@RobertoCapodieci
@RobertoCapodieci Жыл бұрын
the pipe takes the output of the first command and pass them as parameters to the second command executing it with the set cmd. if you replace it to a notepad, then the first part should produce the parameter you need. echo "c:\\test.txt"|rem would open the test file
@generovinsky
@generovinsky Жыл бұрын
ECHO, TYPE, DIR are all commands, the extra firing is because you are adding extra commands, & would have the same effect as the | in your example
@samfisher8426
@samfisher8426 Жыл бұрын
i think its because the pipe " | " ,its programmed to use new cmd to execute the piped syntax
@peppigue
@peppigue Жыл бұрын
my thinking too
@KurtVanBever
@KurtVanBever Жыл бұрын
That's 100% correct. There's nothing funny going on here. The thing does exactly what you asked of it.
@christopherthomas9047
@christopherthomas9047 Жыл бұрын
This was so interesting. Thanks John!!
@JacobP81
@JacobP81 Жыл бұрын
16:20 What about se on Linux.the shift command, could that help?
@macsnafu
@macsnafu Жыл бұрын
I have no clue what changing the comspec is good for. But I watched the video anyway! ;-)
@gilgalin8917
@gilgalin8917 Жыл бұрын
I'm pretty well-versed with cmd/pwsh/bash but curiosity prevailed and clicked to watch - however 3/4 of the video I started expecting John to come up with 0-day PoC the way he was pushing our mind with those limitation: 8191 🤣🤣😂😂😂😂
@pranava__rao
@pranava__rao Жыл бұрын
Hey John! The maximum length of the string that you can use at the command prompt is 8191 characters. 😂
@pranava__rao
@pranava__rao Жыл бұрын
The Win32 limitation for environment variables is 32,767 characters. 😂
@devil2005iscool
@devil2005iscool Жыл бұрын
Try using the RTL or LTR character in charmap and inputting a mirrored commandline to run an application.
@lilv728
@lilv728 Жыл бұрын
Am I the only one who was surprised that in the IDLE shell you can retrieve the output of ' '*8191 from that expandable box? I would have just used the print function and copied the output! The way you did it is way easier
@richshealer3755
@richshealer3755 Жыл бұрын
Way back in the 80's power users tried to squeeze as much conventional memory as possible from their DOS PC. Some Lotus 1-2-3 users would set their CONFIG.SYS SHELL to point directly to 123.exe. That would give them a few dozen more K to use. Of course they would have to boot from a floppy to rename or edit CONFIG.SYS to restore the normal functionality.
@Reverend11dMEOW
@Reverend11dMEOW Жыл бұрын
pretty sure it is because 'type' is internal to cmd.exe, while whoami is an executable?it has been awhile, but it fits what I do recall from several decades ago.
@anthonypetruzzi158
@anthonypetruzzi158 Жыл бұрын
You should change the title to "3 Things You Didn't Know about Windows Command Prompt, None of which are useful"
@aaabucus3104
@aaabucus3104 Жыл бұрын
John Hammond your my hero
@zangin
@zangin Жыл бұрын
What if you put the spaces before the “notepad.exe” or the cmd.exe? Or a combination of spaces before and after?
@aaaronmiller100
@aaaronmiller100 Жыл бұрын
this is similar to an old dos bug I found in HS, I believe related to 16 or 32bit charachter lengths. If you create a directory within another directory and then iterate once your directory length exceeds that length the whole directory structure wigs out and you will see the contents of your root directory at the bottom of your directory tree well; and since you can't delete your root directory you can't remove the nested directories once the glitch is enabled. I obviously used cusswords and this script to Borg a machine in the school shop and got called in the next day ; finding they had resolved the issue by renaming all my directories....didn't think to change the creation date and got caught; DOH!!!
@thebitterbeginning
@thebitterbeginning Жыл бұрын
In reference to 18:48 into this video, you typed "notepad.exe" (which is 11 characters), then you pasted 8191 space characters. You showed that it won't let you type anything more. I'm guessing only 8180 of those space characters actually pasted while 11 of them were truncated. Since you already had 11 characters there (from "notepad.exe"), it only let you paste 8180 of the space characters; you had hit your limit and can't type any more. But did you try to backspace a few characters and then type an argument?
@tylercoombs1
@tylercoombs1 Жыл бұрын
I think when you pipe in the command to cmd it treats each command separately and executes them individually and this is why calc pops up twice
@wizarrc
@wizarrc Жыл бұрын
Why does it have to be your own executable, can you have it load up another powershell or batch script instead to parse out the arguments?
@Clarence-Homelab
@Clarence-Homelab Жыл бұрын
fun video to watch :) @15:13 Is the PATHEXT Env variable potentially being show as a hint for what is allowed when setting the COMSPEC variable? i.e. it needs to be an executable and the reason why Notepad and Calc work so well is because they are in System32 and Windows knows them to be an inherent part of the system. Those are my speculations.
@MygenteTV
@MygenteTV Жыл бұрын
Can you please make a video on this but using it to make a reverse shell or something like that?
@martiekr
@martiekr Жыл бұрын
To me, CALC.exe is fired when you execute a CMD.EXE internal command, like echo, dir, type. Internal commands fire CMD.exe as CMD.exe has to execute it as they they are internal into the CMD.exe, CMD.EXE tryes to Run these internal command into a second CMD.EXE instance. But you have CMDSPEC set to CALC.exe, so CALC fires up instead of CMD.exe. The reason that the intenal command still is execute is because your CMD that you have running contains them also offcourse :D, as CALC.exe cannot executre that command so it is reflected back tou you already running/executing CMD.exe. In windows/DOS trhe 'pipe' command is iitterly a internal command so it fires CALC.exe.
@dmaynor
@dmaynor Жыл бұрын
What kind of parties do you go to?
@Kim-jg6zt
@Kim-jg6zt Жыл бұрын
Great work.
@zangin
@zangin Жыл бұрын
For 1st example, Maybe it behaves differently because they are DOS INTERNAL commands?
@skullandpwnz6053
@skullandpwnz6053 Жыл бұрын
I guess this is "4 Things You Didn't Know about Windows Command Prompt"
@QuadHealer
@QuadHealer Жыл бұрын
dir, type, rem etc. are not actual programs, and Windows will launch COMSPEC to let it handle it. If you type the command “where calc”, you will get the path to “calc.exe” as it is a command found in the path, but “where dir” will tell you that no such program exists. If you type in "which ls" on Linux, you will get the path to the program, as it is an actual program/script on Linux.
@insightfullreview218
@insightfullreview218 Жыл бұрын
"Netstats" in cmd the lines linked ips how would you remove them obviously someone got access to com, antivirus can't detect and a text file with webscript
@MrGringo466
@MrGringo466 Жыл бұрын
& is a thing in command prompt. You can always just & cmd.exe which then would still run anything that was called. Cmd takes the variables. Somehow mitm permissions for cross app memory snooping. Idk
@nerdynerd1024
@nerdynerd1024 Жыл бұрын
Last thing about the notepad thing, I think that terminal is waiting for notepad to tell it what to do and the like before it invokes the second command and that's why the second part isn't getting sent to notepad.
@Excession101
@Excession101 Жыл бұрын
8191 * 4 = 32764 which is 3 short of the environment variables limitation. making room for c:\ maybe? don't know why just noticed.
@YuukiSystems
@YuukiSystems Жыл бұрын
Yaay new video :3
@Platoface
@Platoface Жыл бұрын
Ok, this should take about 2 mins… wait what? 35 mins… no way.
@Malaphor2501
@Malaphor2501 Жыл бұрын
What about putting the spaces before notepad.exe. (Maybe you said you tried that and I just misunderstood)
@GiveAcademy
@GiveAcademy Жыл бұрын
Good olé windows double backslash
@autograph2020
@autograph2020 Жыл бұрын
Good stuff
@ukaszgeras6600
@ukaszgeras6600 Жыл бұрын
The worst thing at all is, that nor windows neither sysmon log the change of environment variables. And thus, in your SIEM it is very hard to tell, if sone env was modified to proceed the attack. Microsoft will fix it in 2030 for sure.
@mobiousenigma
@mobiousenigma Жыл бұрын
microsoft? fix it?? ummmm there track record isnt good lol
@ukaszgeras6600
@ukaszgeras6600 Жыл бұрын
Sometimes, when searching for vulns in my environment, I see they're systems having CVE created when I was a little child getting my first PC. This is not a big deal really ;)
@TilKenneth
@TilKenneth Жыл бұрын
Did he not mention you inherit environment variables from the parent? Ie, Process inherits theirs from the Userprofile, which inherits it from the System environment variables. Any changes are in their own container and gets passed on, if you in cmd.exe 'set PITA=Yes', then 'cmd.exe' (you start new subprocess cmd.exe) and type 'echo %PITA%', it outputs 'Yes' because it inherits it from the parent (process in this case). Type 'exit' and you are back in the parent cmd.exe process. Userprofile < inherits from System |------CreateProcess (Explorer, or whatever) < inherits from userprofile +----cmd.exe set %PITA%=Yes < inherits from Explorer, or whatever | `---cmd.exe = echo %PITA% = Yes < inherits from cmd.exe +----cmd.exe echo %PITA = %PITA% < inherits from Explorer, or whatever But start a new cmd.exe (new Terminal tab or start from start menu) and 'echo %PITA%' does not exist, it just prints '%PITA%'. If you have access to change System envvars, you are already admin., if you have access to change User envvars, you are not a limited process. At some point you need to be a parent to manipulate a childs envvars through child process or other ways, but you would then likely have access.
@ukaszgeras6600
@ukaszgeras6600 Жыл бұрын
@@TilKenneth Just to clarify. Variables are generally stored in the registry keys. Of course, You can track the changes in user/system registry but formatting of the output in sysmon logs is not that simple - there is no log like "variable changed". In case of processess ofc, precisely theyre stored in PEB structure in process memory and they are inherited by child. The starting values are taken from registry too. Im not sure if there is special process privilege for editing systemwide envvars. My point is, if you were able to produce events for vars in registry, security monitoring would be much easier. BTW, who cares about security monitoring in microsoft, they need you rather to pay for they're edr to do this, but to my taste it is much to pricey. I prefer to save on software and invest in people, against the market unfortunately.
@mobiousenigma
@mobiousenigma Жыл бұрын
@@TilKenneth is that a technical way of saying..its running as admin and looking for the file in user admin not user john.... i think if he moves test.exe to c:\ from c:\users\john\ it shouldnt kick the file not found
@laurendoe168
@laurendoe168 Жыл бұрын
what I don't understand is why echo even executes when COMSPEC isn't cmd.exe. Echo is a command that needs cmd.exe
@ivanmaglica264
@ivanmaglica264 Жыл бұрын
Back in the days we set COMSPEC to 4DOS
@highscore99999
@highscore99999 Жыл бұрын
what is easiest wat to take screenshot from another program.. from keyboard only? win 10 64-- I'm trying to make a game that uses a users desktop objects as charachters and objects in the game. Besy i can imagione is to take screenshot and then slice the image like a spritesheet..
@highscore99999
@highscore99999 Жыл бұрын
If it ain't broke don't fix it!
@worldofwarcraftizgod
@worldofwarcraftizgod Жыл бұрын
Windows 11 replaced notepad with a store app version and maybe that difference is affecting it?
@chuckmuziani6262
@chuckmuziani6262 Жыл бұрын
Enter backspace characters in your passed command text to delete the cmd switches and see what happens.
@eidodk
@eidodk Жыл бұрын
This has been known since the mid 80's when DOS 2.0 came out. It's funny but absolutely not new. The comspec variable was central to the function of the entire operating system - hackers and viruscreators have used this function since it was created. It has changed since Windows Me came out in 2000, because DOS no longer was the base for the system. If you want to know why the command line switches are there, try opening a command prompt, then type "cmd /?" and then read and understand why these command line switches are hardcoded. COMSPEC was one of the first things i learned about dos. The length of command prompt has never been interesting. Environment variable size isn't actually interesting, since 32k is quite a lot of text, and it allows for quite a lot of variables.
@weaintdointhis
@weaintdointhis Жыл бұрын
He's just saying this is something new for most people, Mr. Dunning Krueger
@theforce82
@theforce82 Жыл бұрын
Me: 8192 characters John: But... 🤣🤣
@brighthades5968
@brighthades5968 Жыл бұрын
You broke mobile comment display lol
@JacobP81
@JacobP81 Жыл бұрын
2:47 It is NOT DOS. Windows does NOT come with DOS anymore. It is the Windows Command Prompt, it seems kind of like DOS because it has commands PORTED from DOS. But they are ports, the underline code is totally different because modern Windows cannot run DOS programs. Yes it can still do batch files.
@ThePowerRanger
@ThePowerRanger Жыл бұрын
Very inserting.
@RealCyberCrime
@RealCyberCrime Жыл бұрын
"how to hack newdez with command prompt 2023"
@urits3719
@urits3719 Жыл бұрын
I was hoping you would try to replace the first command 'break' with a path to the notepad
@_JohnHammond
@_JohnHammond Жыл бұрын
Then you would just be invoking the desired executable just as you regularly would, wouldn't you?
@urits3719
@urits3719 Жыл бұрын
@@_JohnHammond Indeed, just wanted to ensure my thoughts
@_SebJ1000
@_SebJ1000 Жыл бұрын
3:50 Who else types clear whenever they go into Command prompt. I do it way too much.
@RobertPendell
@RobertPendell Жыл бұрын
I suspect that calc fired twice near the start of the video because you were using internal commands for cmd.exe in those cases. I could be wrong though.
@maximilliantimofte4797
@maximilliantimofte4797 Жыл бұрын
0:20 very cool sponsor and service for tech products! although I hate the part where they can look at the code of my product I find the service very appealing
@GiveAcademy
@GiveAcademy Жыл бұрын
Hmmmm can’t test right now… comspec=“notepad %% | rem”
@themetalbox3359
@themetalbox3359 Жыл бұрын
1:31 is where the action start (n__n)
@EnglishRain
@EnglishRain Жыл бұрын
Spooky!
@katakupro6523
@katakupro6523 Жыл бұрын
Jesus christ since when does john have 500k subs
@picocode
@picocode Жыл бұрын
2^13 - 1
@jonnyfatboy7563
@jonnyfatboy7563 Жыл бұрын
its probably built like this by design for the alphabet crew 😅👊
@helloitshecker
@helloitshecker Жыл бұрын
Linux be like, #!/bin/bash . BTW I use Arch.
@cjcox
@cjcox Жыл бұрын
With COMSPEC set to just notepad.exe, try: cmd /c "c:\test.txt|rem" in Windows 11 Terminal
@_JohnHammond
@_JohnHammond Жыл бұрын
'c:\test.txt' is not recognized as an internal or external command, operable program or batch file. For me anyway, unless I am doing anything wrong!
@noneyabusiness9636
@noneyabusiness9636 Жыл бұрын
@@_JohnHammond cmd /c "start c:\test.txt|rem"
@mclovin748
@mclovin748 Жыл бұрын
@@_JohnHammond Great Video btw. On my windows 10 cmd.exe >> set COMSPEC=notepad.exe >>"C:\test.txt"|rem I think notepad ignores the switches. From Powershell: >> cmd.exe /c '"C:\test.txt"|rem'
@myentertainment55
@myentertainment55 Жыл бұрын
Hello!
@mikes_.5_cent
@mikes_.5_cent Жыл бұрын
Nifty
@nerdynerd1024
@nerdynerd1024 Жыл бұрын
I think the reason that, when you set COMSPEC to calc.exe, the calculator fires up when you do commands, is because COMSPEC is the command interpreter. It is the executable (Or rather, the location of it) that runs the commands. It gets fed the commands and it is expected to spit out the correct actions. Calc.exe doesn't do that, so when terminal tells it to run these commands, it just opens up the calculator.
@djzio
@djzio Жыл бұрын
The quotes on the command line for that notepad file you were trying to run? Unnecessary. No spaces on files or folders EDIT: I just ran a similar command with a notepad file to open a filename with spaces: quotes still threw an error. Filename with spaces ran without quotes. Go figure.
@melluzi
@melluzi Жыл бұрын
set comspec="shutdown /s /f"
@snowcatman
@snowcatman Жыл бұрын
In cmd.. "|" this does not pipe like you think. Its like "|" = "&&" like do this and do that. playing with arguments, and flag's is nothing knew. Documentation has always been limited and for you to figure it out. microsoft(ms) is so old school you will notice that basic commands are not polished off. For instance no error correction fully implemented. You had to program your own error correction.. It was left up to the user to know what there doing. Back then Imagination was the limit. Customization was always allowed. because at the time users where encouraged to program there own. so long as they left the OS alone. But once windows(gui came in with win3.11) the propretary actions started becoming a thing more and more. Yet seems that microsoft(ms) as of late are removing old code, user choices and software's they once had. Calling it legacy and archiving to not use no more. Its a big reason users are migrating away from windows more and more.
@disdroid
@disdroid Жыл бұрын
I don't know what you did but the comment counts are all off by +1. Does KZbin read the comspec env varr? 😂
@lfcbpro
@lfcbpro Жыл бұрын
Give DavesGarage a shout, he might know a little more and be able to help, I would also recommend his channel to any other nerds wanting to know more about comps :)
@gamergaminghx1625
@gamergaminghx1625 Жыл бұрын
Damm. Then it means that cmd is dangerous 😁😆
@hackvlix
@hackvlix Жыл бұрын
Who would have thought? 🫢
@AM-mv6ro
@AM-mv6ro Жыл бұрын
Woooow grape! Cmd is very dangerous chutiya
@ukaszgeras6600
@ukaszgeras6600 Жыл бұрын
So you tell me that you were using legacy microsoft code? What could have gone wrong ;)?
@gamergaminghx1625
@gamergaminghx1625 Жыл бұрын
@@ukaszgeras6600 i can guess that own microsoft cmd can use in bad things like reverse shell etc... Not just in good😅. Our microsoft frends made it too wrong🫢🫨😅🤷‍♂️
@ukaszgeras6600
@ukaszgeras6600 Жыл бұрын
@@gamergaminghx1625 only thing you need to set the reverse shell is the process or thread in victim process. No matter how you spawn this, the more legacy features you got, the more vector attacks youll find.
@mz4420
@mz4420 Жыл бұрын
With powershell, Microsoft has made a really hard, very inconsistent, under powered mess. Why can't they just copy Linux shell and be done with it?😒
@P4V3LS
@P4V3LS Жыл бұрын
Wine does not do it in wineconsole elf
@Chris-op7yt
@Chris-op7yt Жыл бұрын
worst command shell in computer history. it had many chances to improve and didnt. now we have powershell, which is rubbish as well, together with astonishingly silly commands and parameters, that never makes sense. But i guess it's in step with an operating system that is mostly useless, until you download or buy programs for. Which is original business model for a bad operating system that everyone got to have/use.
@pabloqp7929
@pabloqp7929 Жыл бұрын
You didn't
@chrishartley1210
@chrishartley1210 Жыл бұрын
Why are we supposed to tell you what's going on? I thought the whole point of the video was that YOU were going to tell US something new, not the other way around. Actually all you've told us that you don't know what you are talking about.
@darkegress4392
@darkegress4392 Жыл бұрын
Unsubscribed, I never want to feel the video is burning my time, also the grunts, groans popular with other streamer so overused I must say goodbye
@RegiiPad
@RegiiPad Жыл бұрын
Total non scientific approach of trial and error instead of getting into how it was designed for the commands to be parsed.
@alexshorts9213
@alexshorts9213 Жыл бұрын
Sir I can't login my gmail because of the backup code can you give me the backup code of my gmail.
@0oNoiseo0
@0oNoiseo0 Жыл бұрын
U seriously think your average follower is this rookie :) ?
@LimaOneNiner
@LimaOneNiner Жыл бұрын
25 minutes... this could have been done in 4 minutes. Save yourself 20 minutes and play it at 5 times the speed. Creating content for monetization rather than provide value. Inevitably the decent channels always end up like this
a Hacker's Backdoor: Service Control Manager
17:49
John Hammond
Рет қаралды 93 М.
How Hackers Hide
20:55
John Hammond
Рет қаралды 240 М.
The IMPOSSIBLE Puzzle..
00:55
Stokes Twins
Рет қаралды 190 МЛН
FOREVER BUNNY
00:14
Natan por Aí
Рет қаралды 34 МЛН
9 Command Prompt Commands You Should Know!
14:22
ThioJoe
Рет қаралды 1,1 МЛН
Notepad.exe Will Snitch On You (full coding project)
53:30
John Hammond
Рет қаралды 244 М.
Get Started With Ethical Hacking: Beginner To Master
15:47
Luke Dexter
Рет қаралды 7 М.
30 Windows Commands you CAN’T live without
14:35
NetworkChuck
Рет қаралды 2,4 МЛН
Hacking Windows TrustedInstaller (GOD MODE)
31:07
John Hammond
Рет қаралды 749 М.
How to Proxy Command Execution: "Living Off The Land" Hacks
19:10
John Hammond
Рет қаралды 52 М.
60 Hacking Commands You NEED to Know
27:01
NetworkChuck
Рет қаралды 508 М.
Windows Recall (was) a Security Nightmare
37:04
John Hammond
Рет қаралды 162 М.
The IMPOSSIBLE Puzzle..
00:55
Stokes Twins
Рет қаралды 190 МЛН