| @IF NOT DEFINED DEBUG @ECHO OFF | | | | SET "SYSTEM=%SYSTEMROOT%\SYSTEM32" | | IF EXIST .\TEMP\* DEL .\TEMP\* /Q >NUL 2>&1 | | IF EXIST LOG.TXT DEL LOG.TXT /Q >NUL 2>&1 | | SWREG QUERY "HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES" | SED "/.*SERVICES\\/I!d;s/.*SERVICES\\//I;s/$/\x22/" > .\TEMP\TEMP00 | | GREP -Fviwf .\DAT\SERVICE.DAT .\TEMP\TEMP00 > .\TEMP\SERVICE01 | | | | SED "s/\x22$//" .\TEMP\SERVICE01 > .\TEMP\SERVICE02 | | ECHO AppMgmt>>.\TEMP\SERVICE02 | | GREP -q "." .\TEMP\SERVICE02 && FOR /F "TOKENS=*" %%A IN (.\TEMP\SERVICE02) DO CALL :SER_CHK "%%A" | | GOTO END | | | | :SER_CHK | | IF "%~1"=="" GOTO:EOF | | IF NOT DEFINED SYSTEMB SET "SYSTEMB=%SYSTEM:\=\\%" | | IF NOT DEFINED SYSTEMROOTB SET "SYSTEMROOTB=%SYSTEMROOT:\=\\%" | | IF NOT DEFINED PROGRAMB SET "PROGRAMB=%PROGRAMFILES:\=\\%" | | IF ABC | | | | SWREG QUERY "HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\%~1" | MTEE /+ .\TEMP\DEBUG01 > .\TEMP\SER_CHK01 | | GREP -Fiq " imagepath " .\TEMP\SER_CHK01 || GOTO:EOF | | SET "SER0=S9" | | SET "SER1=%~1" | | SET "SER2=ERR" | | FOR /F "TOKENS=*" %%A IN ('SED -r "/^ START\t.*\t/I!d;s///;s/ .*//" .\TEMP\SER_CHK01') DO SET "SER0=S%%A" | | FOR /F "TOKENS=*" %%A IN ('SED -r "/^ DISPLAYNAME\t.*\t/I!d;s///" .\TEMP\SER_CHK01') DO SET "SER1=%%A" | | SED "/^ imagepath\t.*\t/I!d;s//\t/" .\TEMP\SER_CHK01 > .\TEMP\SER_CHK02 | | SED "s/\t\\/\t/;s/\t??\\/\t/;s/\tSYSTEMROOT/\t%SYSTEMROOTB%/I;s/\tSYSTEM32/\t%SYSTEMB%/I;s/\t%%SYSTEMROOT%%/\t%SYSTEMROOTB%/I;s/\t%%PROGRAMFILES%%/\t%PROGRAMB%/I" .\TEMP\SER_CHK02 > .\TEMP\SER_CHK03 | | GREP -iq "%SYSTEMB%\\SVCHOST\.EXE" .\TEMP\SER_CHK03 && CALL :SVC_CHK "%~1" | | IF /I "%SER2%"=="ERR" FOR /F "TOKENS=*" %%A IN (.\TEMP\SER_CHK03) DO SET "SER2=%%A [%%~TZA]" | | ECHO %SER0% %~1;%SER1%;%SER2%>>LOG.TXT | | DEL .\TEMP\SER_CHK0? .\TEMP\SVC_CHK0? /F/Q >NUL 2>&1 | | SET "SER0=" | | SET "SER1=" | | SET "SER2=" | | GOTO:EOF | | | | :SVC_CHK | | IF "%~1"=="" GOTO:EOF | | SWREG QUERY "HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\%~1\PARAMETERS" /V "SERVICEDLL" > .\TEMP\SVC_CHK01 2>NUL && ( | | SED "/^ SERVICEDLL\t.*\t/I!d;s//\t/" .\TEMP\SVC_CHK01 > .\TEMP\SVC_CHK02 | | SED "s/\t\\/\t/;s/\t??\\/\t/;s/\tSYSTEMROOT/\t%SYSTEMROOTB%/I;s/\tSYSTEM32/\t%SYSTEMB%/I;s/\t%%SYSTEMROOT%%/\t%SYSTEMROOTB%/I;s/\t%%PROGRAMFILES%%/\t%PROGRAMB%/I" .\TEMP\SVC_CHK02 > .\TEMP\SVC_CHK03 | | FOR /F "TOKENS=*" %%A IN (.\TEMP\SVC_CHK03) DO SET "SER2=%%A [%%~TZA]" | | DEL .\TEMP\SVC_CHK0? /F/Q >NUL 2>&1 | | ) | | GOTO:EOF | | :ENDCOPY |
上面的到了IF ABC就會強制中斷
如果行數到很多行的時候會很不好找
所以加上DEBUG變數時
顯示出如下 | C:\UPX\1>SET "SYSTEM=C:\WINDOWS\SYSTEM32" | | | | C:\UPX\1>IF EXIST .\TEMP\* DEL .\TEMP\* /Q 1>NUL 2>&1 | | | | C:\UPX\1>IF EXIST LOG.TXT DEL LOG.TXT /Q 1>NUL 2>&1 | | | | C:\UPX\1>SWREG QUERY "HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES" | SED "/.*SERVIC | | ES\\/I!d;s/.*SERVICES\\//I;s/$/\x22/" 1>.\TEMP\TEMP00 | | | | C:\UPX\1>GREP -Fviwf .\DAT\SERVICE.DAT .\TEMP\TEMP00 1>.\TEMP\SERVICE01 | | | | C:\UPX\1>SED "s/\x22$//" .\TEMP\SERVICE01 1>.\TEMP\SERVICE02 | | | | C:\UPX\1>ECHO AppMgmt 1>>.\TEMP\SERVICE02 | | | | C:\UPX\1>GREP -q "." .\TEMP\SERVICE02 && FOR /F "TOKENS=*" %A IN (.\TEMP\SERVI | | CE02) DO CALL :SER_CHK "%A" | | | | C:\UPX\1>CALL :SER_CHK "1394hub" | | | | C:\UPX\1>IF "1394hub" == "" GOTO:EOF | | | | C:\UPX\1>IF NOT DEFINED SYSTEMB SET "SYSTEMB=C:\\WINDOWS\\SYSTEM32" | | | | C:\UPX\1>IF NOT DEFINED SYSTEMROOTB SET "SYSTEMROOTB=C:\\WINDOWS" | | | | C:\UPX\1>IF NOT DEFINED PROGRAMB SET "PROGRAMB=C:\\Program Files" | | 命令語法不正確。 | | | | C:\UPX\1>IF ABCCOPY |
這樣找錯誤的行就比較快
[ 本帖最后由 sylovanas 于 2008-11-8 12:46 编辑 ] | 
发表于 2008-11-7 18:40
| 
发表于 2008-11-8 11:52
| 
