Posts Tagged ‘DOS’

Windows 7 Command Line Help mistake for IF command

If you type

help IF

at the Windows 7 command-line (can launch this by searching at Windows Start menu search box for “Command” or by typing cmd there and pressing ENTER), you get in one of the help pages printed out for the batch files’ IF command:

%ERRORLEVEL% will expand into a string representation of
the current value of ERRORLEVEL, provided that there is not already
an environment variable with the name ERRORLEVEL, in which case you
will get its value instead. After running a program, the following
illustrates ERRORLEVEL use:

goto answer%ERRORLEVEL%
echo Program had return code 0
echo Program had return code 1

If a program you launched from the batch file returns error code 0 (meaning usually no error), then you jump to label (using “goto” command) answer%ERRORLEVEL% that is answer0 (labels are prefixed with : in DOS/Windows batch files) and it prints out (using echo command) on the console “Program had return code 0”.

Fine till here, but then it will proceed to next commands (the block labeled :answer1) and also print out “Program had return code 1”. Obviously the correct example should be:

goto answer%ERRORLEVEL%
echo Program had return code 0
goto finish
echo Program had return code 1

Could also have a goto finish after the last echo, but its needless since we don’t have :answer2 etc. labels after that and proceeds to finish by itself anyway.

Thinking of this example again, it’s a pretty silly one since one could do instead:

echo Program had return code %ERRORLEVEL%

BTW, to output an empty line to the console you can use echo:
And speaking of batch file tips, you can use :: for comment lines instead of REM command.

Microsoft File Checksum Integrity Verifier (FCIV)

I recently came across a very useful Microsoft tool (FCIV) that can compute and store (as XML) checksums (MD5, SHA1 or both hashes) of folders/files you want and can also be used to later on verify the checksum lists to see if they’ve been tampered with.

Would be nice to have a GUI wrapper around that tool that would also cooperate with the task scheduler to run regular checks of sensitive files.

You can get FCIV from (after unpacking it at some folder you can checkout the tool parameters by typing fciv or fciv /? at the command line – of course you can use fciv | more to see the syntax page by page).

You can read more regarding that (unsupported) Microsoft tool at


Microsoft (R) File Checksum Integrity Verifier V2.05 README file

1.What is File Checksum Integrity Verifier (FCIV)?
4.Database storage format.

1.What is fciv?
Fciv is a command line utility that computes and verifies hashes of files.

It computes a MD5 or SHA1 cryptographic hash of the content of the file.
If the file is modified, the hash is different.

With fciv, you can compute hashes of all your sensitive files.
When you suspect that your system has been compromised, you can run a verification to determine which files have been modified.
You can also schedule verifications regularily.

– Hash algorithm: MD5 , SHA1 or both ( default MD5).
– Display to screen or store hash and filename in a xml file.
– Can recursively browse a directory ( ex fciv.exe c:\ -r ).
– Exception list to specify files or directories that should not be computed.
– Database listing.
– hashes and signature verifications.
– store filename with or without full path.

Usage:  fciv.exe [Commands] <Options>

Commands: ( Default -add )

        -add    <file | dir> : Compute hash and send to output (default screen).

                dir options:
                -r       : recursive.
                -type    : ex: -type *.exe.
                -exc file: list of directories that should not be computed.
                -wp      : Without full path name. ( Default store full path)
                -bp      : base path. The base path is removed from the path name of each entry

        -list            : List entries in the database.

        -v               : Verify hashes.
                         : Option: -bp basepath.

        -? -h -help      : Extended Help.

        -md5 | -sha1 | -both    : Specify hashtype, default md5.
        -xml db                 : Specify database format and name.

To display the MD5 hash of a file, type fciv.exe filename

Compute hashes:
        fciv.exe c:\mydir\myfile.dll
        fciv.exe c:\ -r -exc exceptions.txt -sha1 -xml dbsha.xml
        fciv.exe c:\mydir -type *.exe
        fciv.exe c:\mydir -wp -both -xml db.xml

List hashes stored in database:
        fciv.exe -list -sha1 -xml db.xml

        fciv.exe -v -sha1 -xml db.xml
        fciv.exe -v -bp c:\mydir -sha1 -xml db.xml
4.Database storage format:
xml file.

The hash is stored in base 64.
<?xml version="1.0" encoding="utf-8"?>
        <name> </name>
        <MD5> </MD5>
        <SHA1> </SHA1>

You can build a hash database of your sensitive files and verify them regularily or when you suspect that your system
has been compromised.

It checks each entry stored in the db and verify that the checksum was not modified.

6. History:
Fciv 1.2 : Added event log.
Fciv 1.21: Fixed bad keyset error on some computers.
Fciv 1.22: Added -type option. Support up to 10 masks. *.exe *.dll …
Fciv 2.0:  xml as unique storage. Added -both option.
Fciv 2.01: Exit with error code to allow detections of problem in a script.
Fciv 2.02: Improved perfs. When both alg are specified, it’s now done in one pass.
Fciv 2.03: Added -wp and -bp options. Fciv now stores full path or relatives paths.
Fciv 2.04: Removed several options to simplify it.
Fciv 2.05: Added success message if the verification did not detect any errors.

%d bloggers like this: