
Binod Narayan Sethi


Wednesday, August 24, 2011

Undocumented DOS commands

Commands
- TRUENAME
- FDISK /STATUS
- FDISK /MBR
- SHELL=C:\COMMAND.COM /P /F
- COMMAND /F
- COMMAND /P
- COMMAND /D
- VER /R
- ECHO OFF and ECHO ON
- FORMAT /AUTOTEST
- FORMAT /BACKUP
- FORMAT /SELECT
- FORMAT /SELECT /U
- FORMAT /H
- IF EXIST \NUL and IF EXIST EMMXXXX0
- Using ATTRIB to hide directories
- SWITCHES=/W
- FOR %%V IN (/SOMETHING)
- DIR,
- COPY. A:
- DOS?=HIGH
- INSTALLHIGH
- Using : for batch file comments
- REM in lines with pipes or redirection
- Delimiter character

TRUENAME
Internal DOS 5.0 command.  Canonicalizes a filename or path (using DOS interrupt 21h, function 60) and prints the actual directory.

     Syntax:

     TRUENAME filename   - Prints the complete path to file.
     TRUENAME directory  - Prints the complete path to directory.

Note:  If the path is on a network, it starts with \\machine-name.

TRUENAME is analogous to the UNIX "whence" command.  It returns the real fully-qualified path name for a command.

TRUENAME is useful in networks, where a physical drive may be mapped to a logical volume, and the user needs to know the physical location of the file.  It ignores the DOS SUBST and JOIN commands, or network MAPped drives.

TRUENAME is an undocumented MS-DOS feature, but it is documented in JP Software's 4DOS software (COMMAND.COM replacement) as follows:

     Syntax:

     TRUENAME [d:][path]filename

     Purpose: Returns a fully qualified filename.

     Comments:
     TRUENAME will see "through" JOIN and SUBST commands, and
     requires MS-DOS 3.0 or above.

     Example: The following command uses TRUENAME to get the true pathname
     for a file:

     c:\>subst d: c:\util\test
     c:\>truename d:\test.exe
     c:\util\test\test.exe

TRUENAME will reveal the full name, drive, and path of the filename.  If you specify a wildcard (*) in the filename, it will expand the filename to use question marks instead.  If the path includes the ..\ sequence, TRUENAME will examine the directory structure and calculate the path.

Stranger still, the line:

     TRUENAME \CRONK\FLIBBET\..\ART

...produces the response:

     C:\CRONK\ART

...even if the directories \CRONK\FLIBBET and the file ART don't exist!  Don't expect this command to work well across networks.  After all, this is still undocumented in MS-DOS for a reason!
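The behaviour described above (SUBST seen through, ..\ collapsed without consulting the disk, * turned into question marks) can be modelled as a purely lexical canonicalizer. This is an added example, not code from the original post or from DOS; the uppercased output, the single current directory and the is_under helper (which goes beyond the page to show a path check done on canonical forms) are assumptions.

```python
def expand_wildcards(name):
    """Replace '*' with '?' padding out to the 8.3 field widths."""
    base, dot, ext = name.partition(".")

    def fill(field, width):
        if "*" not in field:
            return field
        return field[:field.index("*")].ljust(width, "?")

    base, ext = fill(base, 8), fill(ext, 3)
    return base + (dot + ext if ext else "")


def truename(path, cwd="C:\\", subst=None):
    """Lexically canonicalize a DOS path; the disk is never consulted."""
    subst = {k.upper(): v.upper() for k, v in (subst or {}).items()}
    path, cwd = path.upper(), cwd.upper()
    drive, rest = (path[:2], path[2:]) if path[1:2] == ":" else (cwd[:2], path)
    # Relative paths start from the current directory (assumed to be on `drive`).
    parts = [] if rest.startswith("\\") else [p for p in cwd[2:].split("\\") if p]
    for comp in rest.split("\\"):
        if comp == "..":
            if parts:
                parts.pop()          # drop the previous component, clamp at root
        elif comp not in ("", "."):
            parts.append(comp)
    if parts:
        parts[-1] = expand_wildcards(parts[-1])
    root = subst.get(drive, drive)   # see "through" a SUBST drive
    return root.rstrip("\\") + "\\" + "\\".join(parts)


def is_under(path, base, **kw):
    """Hypothetical helper: compare canonical forms, not the strings as typed."""
    prefix = truename(base, **kw).rstrip("\\") + "\\"
    return (truename(path, **kw) + "\\").startswith(prefix)


if __name__ == "__main__":
    print(truename(r"\CRONK\FLIBBET\..\ART"))                        # page's example
    print(truename(r"d:\test.exe", subst={"d:": r"c:\util\test"}))   # SUBST example
    print(truename("*.txt", cwd=r"C:\DOCS"))                         # wildcard case
    print(is_under(r"c:\util\..\dos\format.com", r"c:\util"))        # escapes the base
```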

FDISK /STATUS
Prints a screen just like using option 4 of FDISK, "Partition information", but includes extended partition information.  Nice if you want to get an overview without fear of pressing the wrong keys.

Doesn't work in DOS 3.30.

FDISK /MBR
MS-DOS 5.0 FDISK has an undocumented parameter, /MBR, that causes it to write the master boot record to the hard disk without altering the partition table information.  While this feature is not documented, it can be told to customers on a need-to-know basis.

Warning:  Writing the master boot record to the hard disk in this manner can make certain hard disks partitioned with SpeedStor unusable.  It can also cause problems for some dual-boot programs, or for disks with more than 4 partitions.  Specific information is below.

What is the MBR?

At the end of the ROM BIOS bootstrap routine, the BIOS will read and execute the first physical sector of the first floppy or hard drive on the system. This first sector of the hard disk is called the master boot record, or sometimes the partition table or master boot block. At the beginning of this sector of the hard disk is a small program. At the end of this sector is where the partition information, or partition table, is stored. This program uses the partition information to determine which partition is bootable (usually the first primary DOS partition) and attempts to boot from it.

This program is what is written to the disk by FDISK /MBR and is usually called the master boot record.  During normal operation, FDISK only writes this program to the disk if there is no master boot record.

Why is the MBR changed during Setup?
During installation of Microsoft MS-DOS 5 Upgrade, Setup will replace the master boot record on the hard disk with code to display the message:

        The MS-DOS 5.0 Setup was not completed.
        Insert the UNINSTALL #1 diskette in drive A.
        Press the ENTER key to continue.

This message should be erased and the master boot code rewritten before Setup is completed. If a problem occurs during Setup and you return to the previous MS-DOS, UNINSTAL should also remove this message. However, should Setup or UNINSTAL fail to remove this message, or should the master boot record become corrupted, a new master boot record can be written to the disk using the following command:

         C:\>fdisk /mbr

     WARNINGS: This option should not be used if:

        - the disk was partitioned using Storage Dimensions'
          SpeedStor utility with its /Bootall option
        - more than 4 partitions exist
        - certain dual-boot programs are in use

Storage Dimensions' SpeedStor utility using the /Bootall option redefines the drive's physical parameters (cylinder, head, sector).  /BOOTALL stores information on how the drive has been changed in an area of the master boot record that MS-DOS does not use. FDISK /MBR will erase that information, making the disk unusable.

Some older OEM versions of MS-DOS and some third-party partitioning utilities can create more than 4 partitions.  Additional partition information is commonly stored in an area that FDISK /MBR will overwrite.

Some dual-boot programs have a special MBR that asks the user which operating system they want on bootup.  FDISK /MBR erases this program.  Dual-boot systems that boot whichever partition is marked Active are not affected by FDISK /MBR.

If you have a Boot Sector Virus, just boot from a known "clean" floppy disk that's write protected and which has FDISK on it, and run FDISK /MBR.
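The sector layout described under "What is the MBR?" can be checked offline: the sketch below parses a 512-byte MBR, hashes the boot program so it can be compared with a known-good baseline, and models the statement that FDISK /MBR rewrites the program while leaving the partition table alone. It is an added example, not code from the original post; the 446-byte program area, 16-byte entries and 55 AA signature are the standard MBR layout, and the sample sector and byte strings are constructed.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446      # boot program sits at the start of the sector
ENTRY_LEN = 16           # four 16-byte partition entries follow it
SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR
ENTRY_FMT = "<B3xB3xII"  # status, CHS (skipped), type, CHS (skipped), LBA, count

# Constructed placeholder bytes standing in for boot programs (not real code).
CLEAN = b"constructed clean loader"
ALTERED = b"constructed altered loader"


def build_sample(boot_code):
    """Constructed sample sector with one active partition (type 0x06)."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x06, 63, 204800)
    table = entry + bytes(ENTRY_LEN * 3)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table + SIGNATURE


def parse_mbr(sector):
    """Return the boot-program hash and the used partition entries."""
    if len(sector) != 512 or sector[510:] != SIGNATURE:
        raise ValueError("not a valid MBR sector")
    parts = []
    for slot in range(4):
        off = BOOT_CODE_LEN + slot * ENTRY_LEN
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector, off)
        if ptype:  # type 0 marks an unused slot
            parts.append({"slot": slot, "active": status == 0x80,
                          "type": ptype, "lba": lba, "sectors": count})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_sha256": digest, "partitions": parts}


def rewrite_boot_program(sector, program):
    """Model of FDISK /MBR as the page describes it: new program, same table."""
    return program.ljust(BOOT_CODE_LEN, b"\x00") + sector[BOOT_CODE_LEN:]


if __name__ == "__main__":
    baseline = parse_mbr(build_sample(CLEAN))
    suspect = build_sample(ALTERED)
    print("boot program changed:",
          parse_mbr(suspect)["boot_sha256"] != baseline["boot_sha256"])
    fixed = parse_mbr(rewrite_boot_program(suspect, CLEAN))
    print("matches baseline:", fixed["boot_sha256"] == baseline["boot_sha256"])
    print("partition table kept:", fixed["partitions"])
```

Because the model overwrites the whole program area, it also shows why anything a utility stored there (the SpeedStor and multi-partition cases above) does not survive the rewrite.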

SHELL=C:\COMMAND.COM /P /F
The /F in the CONFIG.SYS SHELL= statement forces a "Fail" response to all "Abort, Retry, Fail" prompts issued by the DOS critical error handler.

COMMAND /F
Entered on the command line, COMMAND /F makes all those annoying "Abort, Retry, Ignore, Fail" disk error messages default to "Fail" from then on until rebooting.

COMMAND /P

For DOS 3.30 (not checked with other versions):  Docs say that this doesn't allow you to exit back to the previous shell, but /P also forces AUTOEXEC.BAT to be run on secondary shells.

COMMAND /D
When used with a primary shell, or secondary with /P, prevents execution of AUTOEXEC.BAT.

VER /R
Yields extended information about the DOS version:
     MS-DOS Version 5.00
     Revision A
     DOS is in HMA
Doesn't work with DOS 3.30.  VER /R is a documented feature of JP Software's 4DOS.

ECHO OFF and ECHO ON

Entering ECHO OFF from the command line erases the prompt and leaves just a cursor on the screen.  ECHO ON from the command line restores the prompt.  This works with all versions of DOS.

One of the most frequently asked questions is "How do I ECHO a blank line in a batch file?"  The most common answer is to use ECHO directly followed by a period:  ECHO. like so.  However, just about any "white space" character will work, as well as any "delimiter".  The following alternatives can be used:  ECHO.  ECHO"  ECHO,  ECHO:  ECHO;  ECHO[  ECHO]  etc.  Apparently it's just the way that the command handles the delimiter and has been available from way back!  Microsoft just began mentioning it in the documentation recently, though, and their examples use a period.

FORMAT /AUTOTEST
The autotest parameter will allow FORMAT to proceed, checking the existing format of the disk (unless the /U parameter with DOS 5 or 6 is also present), and proceeding with the format.

All this will take place with no delay and no waiting for user input.  It will also end without pausing.  It will not ask for a volume label or whether to format another diskette.

WARNING!  This procedure will also work on hard drives!  Be very cautious if you plan to use this feature!

FORMAT /BACKUP
This works exactly like /AUTOTEST, but it does ask for a volume label.

FORMAT /SELECT
This is like the DOS MIRROR command... For safety-fanatics only.

FORMAT /SELECT /U
Just makes a disk unreadable.  Guess it could be handy?

FORMAT /H

In DOS 3.30 (not tested with other versions), FORMAT /H will cause the format to begin immediately after pressing Y in response to "Format another", rather than displaying "Place disk to be formatted in drive x: and press Enter" on a second and subsequent disks.

In DOS 5.0, FORMAT reports "invalid switch".

IF EXIST \NUL and IF EXIST EMMXXXX0
This is a handy quirk of DOS.  Installable drivers are seen as files in all directories.  You can use the IF EXIST test either to test for the existence of a directory, with "if exist dirname\nul", which fails if the directory does not exist because the nul device is not found; or to test whether any driver is loaded, such as the DOS 5 or 6 EMM386 memory manager.

Caveats:  For testing NUL, you need to know the name of the directory or the driver whose existence you are testing, and this is MS-DOS specific -- it doesn't work on network drives, and may not work under DR-DOS.

Where did you learn the "EMMXXXX0" name from?  Instead of typing MEM /C, type MEM /D for the "debug" listing.

The only trouble is that IF EXIST returns true for COM3/4 and LPT2/3 even if the hardware does not exist.

Using ATTRIB to hide directories
The DOS 5.0 and 6.0 ATTRIB command can do the same thing for directories as it can for files:  ATTRIB +H dirname  will hide the named directory.

SWITCHES=/W
Enables you to have the Windows 3.0 WINA20.386 file anywhere on your boot drive.  Without this you have to have it in the root directory.

This should not be used with Windows 3.1, since it appears to waste around 120K of UMBs.

FOR %%V IN (/SOMETHING)
How can a batch file (without 4DOS) determine from which drive it has been started?

      Example:  C:\>a:test.bat

Now my batch should be able to find out that it is located on drive A: (not the path, only the drive!).

In a batch file, the variable %0 contains the name of the batch file as it was typed at the command line.  If you run the batch file as A:TEST.BAT, %0 will be "A:TEST.BAT".  If you have the directory on your path, and simply type TEST, then %0 will be "TEST".  The drive, path, and extension will only appear in %0 if you enter them in the command used to call the batch file (either typed at the command line, or called from another batch file).  So, you must specify the drive as part of the batch filename for this to work.

To extract the drive only from %0, use the undocumented FOR %%V in /SOMETHING command:

     set drive=
     for %%v in (/%0) do call test2 %%v
     echo Calling drive is %drive%

...where TEST2.BAT is:

     rem Set DRIVE only on the first call, while it is still empty
     if '%drive%'=='' set drive=%1:

FOR %%V IN (/SOMETHING) DO WHATEVER will do WHATEVER twice -- the first time with %%V set to the first character in SOMETHING ("S"), the second time with all the remaining characters in SOMETHING ("OMETHING").  If SOMETHING is only a single character, WHATEVER will only be called once, with that character in %%V.  If the single character is a wildcard (? or *) that wild card will not be expanded to a set of filenames.  (The main purpose of this feature is apparently to allow inclusion of the literal characters "?" and "*" without them being expanded.)

This works in DOS 3.30 and later.

DIR,
Using a comma immediately after DIR shows ALL files, including the HIDDEN ones. This appears only to work with DOS 5.0 and 6.0.  With 3.30, it doesn't display either IO.SYS, MSDOS.SYS (both with S, H and R attribs) or a test file with A and H attribs. With DOS 5.0, it displayed a test file with H and A, but would not display IO.SYS or MSDOS.SYS with S, H and R.  This isn't surprising actually, since S alone (without H) will prevent inclusion of a file in a normal DIR. Not tested with DOS 4.x.  Not supported by JP Software's 4DOS.

COPY. A:

The use of a period IMMEDIATELY after some DOS statements will work just like *.*

     Examples:  DEL.      (erase all files in current directory)
                COPY. A:  (copy all files in current directory to A:)

There may be more statements with which it works.

This is actually a documented although obscure feature, though the ability to use the period with COPY is not documented.  What is documented is the fact that "." and ".." can be used to represent the current and parent directories respectively, and these will work with many applications which can handle directory names as arguments.  In this case the "." could also be viewed as a replacement for "*.*"

DOS?=HIGH
DOS?=HIGH in CONFIG.SYS with DOS 6.0 will prompt you whether to load the DOS kernel high (into the HMA) or not.

INSTALLHIGH

In DOS 6.0, there is an undocumented CONFIG.SYS command called INSTALLHIGH= which works just like INSTALL= but loads the TSR high (into upper memory).

The only drawback to this is that MemMaker will not touch INSTALLHIGH lines during the optimizing process.  It just takes it as it is currently.  But then again, INSTALL= is ignored too.  All in all, INSTALL and INSTALLHIGH really are commands to set up manually by the user, and are not really recommended for normal use.  Load TSRs at the beginning of AUTOEXEC.BAT (and using LOADHIGH if desired).

       Example:

       DOS=HIGH,UMB
       DEVICE=C:\DOS\HIMEM.SYS
       DEVICE=C:\DOS\EMM386.EXE NOEMS
       INSTALLHIGH=C:\DOS\SHARE.EXE

Using : for batch file comments

DOS uses a leading : to indicate a label in a batch file.  If the next character following the : is a space or other non-alphanumeric character, then DOS will decide it's an invalid label and skip to the next line, performing no further action.  Faster batch file processing is achieved using this method for comments instead of REM commands.

REM in lines with pipes or redirection
For example:  REM echo y | del *.*

Problems are encountered when trying to REM out an "echo y | del *.*" line in a batch file.  The problem appears to only occur if there is a pipe or redirection in the REMed out line, which shows that DOS first reads the entire line and processes pipes and redirections first, and then goes back to find out what to do with them in the line.  It's actually doing what it thinks you've told it:  Piping the output of REM to DEL.  Since REM has no output, DEL hangs, waiting for the answer to its question.

Delimiter character
Prior to DOS 5.0, there was an undocumented DOS function that would allow you to set the DOS option delimiter character to something else, like a dash (-).  Once you did this, you could use either \ or / in PATH specifications.  DOS 5.0 removed the function to set the option delimiter, but retained the function to query what it currently is.  (Unfortunately, no further details were provided in this file, so not sure if the delimiter character can still be changed somehow.)
