Solved

Question for SteveGTR

Posted on 2010-09-21
11
913 Views
Last Modified: 2012-05-10
Hey Steve, a few years ago you worked up a script for me for adds a list of IP addresses into the trusted sites for IE

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/MS_DOS/Q_22837839.html

I am wondering if that script can be modified or re-written once again to include the use of domains or URLs as well as IP addresses. We have virtualized a lot of our web servers and so the IP addresses can change and have changed a number of times in this last year alone. So the need to add the URL into the trusted sites list has become very necessary. I have tried to think of a way to do it, but think I ought to post this and see if it will even be possible. The domain side of the world is a lot different, and I'm having trouble wrapping my head around it. But basically I would like it to do the same thing with domain names that the other script does with IP addresses. And if it can be combined into one script doing both IPs and URLs or domain name, that would be even better.

I hope this all makes sense.

Thanks again.
RBennett
0
Comment
Question by:Ryan Bennett
  • 7
  • 4
11 Comments
 
LVL 21

Expert Comment

by:AmazingTech
ID: 33791785
Give this a go.

Add to your file the domain or URL. URL being HTTP:// or HTTPS://
@echo off



SETLOCAL ENABLEDELAYEDEXPANSION



set fileName=ipList.txt



if not "%~1"=="" set fileName=%~1



if not exist "%fileName%" echo %fileName% does not exist&goto :EOF



for /f "tokens=*" %%a in ('type "%fileName%"') do call :PROCESS "%%a"



goto :EOF



:PROCESS



set ipAddr=%~1

set basekey=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap



echo Processing %ipAddr%



echo %ipAddr% | findstr "[a-z]"

if errorlevel 1 GOTO IPRANGE



echo %ipAddr% is a domain or url

Set Left=

Set Right=

Set Type=

CALL :SPLIT %ipaddr:.=%

GOTO :EOF





:SPLIT

if "%3" == "" (

    Set Right=%1.%2

    if defined Left Set Left=\%Left:~1%

) Else (

    Set Left=!Left!.%1

    ECHO !Left! | findstr /i "HTTPS://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTPS & Set Left=!Left:HTTPS://=!

    ECHO !Left! | findstr /i "HTTP://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTP & Set Left=!Left:HTTP://=!

    shift

    if "%1" NEQ "" GOTO SPLIT

)



    

IF NOT DEFINED Type (

    ECHO Domain

    Set Type=*

) ELSE (

    ECHO URL

)



REG ADD "%basekey%\Domains\%Right%%Left%" /v !Type! /t REG_DWORD /f /d 0x2

GOTO :EOF



:IPRANGE



echo %ipaddr% is an IP Range

for /f "tokens=*" %%a in ('reg query "%basekey%\Ranges" 2^>^&1 ^| findstr /i "%basekey%\Ranges\Range" 2^>^&1') do (

  for /f %%b in ('reg query "%%a" 2^>^&1 ^| findstr "%ipAddr%"') do reg delete "%%a" /f >NUL

)



set /a cnt=0



:NEXTRANGE



set /a cnt+=1



set key=%basekey%\Ranges\Range%cnt%



for /f %%a in ('reg query "%key%" 2^>^&1 ^| findstr /i /c:ERROR:') do goto GOTRANGE



goto NEXTRANGE



:GOTRANGE



reg ADD "%key%" >NUL



echo Adding Range%cnt%



reg ADD "%key%" /v http /t REG_DWORD /d 0x2 >NUL

reg ADD "%key%" /v :Range /t REG_SZ /d %ipAddr% >NUL

Open in new window

0
 

Author Comment

by:Ryan Bennett
ID: 33962179
I apologize for leaving this hanging. I had a few family emergency and totally forgot about it until I got back to work and started back into the projects I have moving forward and realized that I had spaced this off.
 I am still very interested in a solution to this question if that is still a possibility. If I can I'd like to increase the points if that is possible as well.


 Thanks so much for your post, I just tried it but all I get is a command prompt flash very quickly. I am running it from the desktop on a Virtual XP machine and have the iplist.txt file there as well. I will put a few pauses in there and post what I find out in a few minutes.
0
 

Author Comment

by:Ryan Bennett
ID: 33962250
What I see so far is it is exiting the bat file at this line:
if not exist "%fileName%" echo %fileName% does not exist&goto :EOF

I placed an echo and a pause just before this line and the filename variable has the correct name so it is seeing my iplist.txt file. not sure what to try next.

 Thanks again.
0
 
LVL 21

Expert Comment

by:AmazingTech
ID: 33962663
Is iplist.txt in the same folder as your batch file?
set fileName=ipList.txt



if not "%~1"=="" set fileName=%~1



type "%fileName%"

pause

if not exist "%fileName%" echo %fileName% does not exist&goto :EOF

pause

Open in new window

0
 

Author Comment

by:Ryan Bennett
ID: 33964053
Thanks for stickin' with this....

Ok, I that was my fault, spelling issue. Got that corrected and the batch file ran, it created a trusted site for each of the entries in the iplist.txt file. The sites that are IP addresses are entered correctly, however the sites that are entered as URLs or domains are not. These are the sites that I had in the iplist.txt file:

168.179.147.215
168.179.144.17
WSNTCMSPH
*.utah.gov
*.dws.utah.gov
dwscmimaging.dws.utah.gov

And this is how they show up in the trusted sites list under internet options and in the registry:

http://168.179.147.215
http://168.179.144.17
WSNTCMSPH.
*utahgov.
*dwsutahgov.
dwscmimagingdwsutahgov.

Any ideas?

Thanks again.
RBennett
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 21

Expert Comment

by:AmazingTech
ID: 33967786
Hmm... I don't know why the space was missing in:

CALL :SPLIT %ipaddr:.= %

And I was assuming URL/Domains would have atleast 1 dot. But I guess why not have shortnames for intranet urls.
@echo off



SETLOCAL ENABLEDELAYEDEXPANSION



set fileName=ipList.txt



if not "%~1"=="" set fileName=%~1



if not exist "%fileName%" echo %fileName% does not exist&goto :EOF



for /f "tokens=*" %%a in ('type "%fileName%"') do call :PROCESS "%%a" & PAUSE



goto :EOF



:PROCESS



set ipAddr=%~1

set basekey=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap



echo Processing %ipAddr%



echo %ipAddr% | findstr "[a-z]"

if errorlevel 1 GOTO IPRANGE



echo %ipAddr% is a domain or url

Set Left=

Set Right=

Set Type=

CALL :SPLIT %ipaddr:.= %

GOTO :EOF





:SPLIT

if "%3" == "" (

    if "%2" == "" (

        Set Right=%1

    ) else (

        Set Right=%1.%2

    )

    if defined Left Set Left=\%Left:~1%

) Else (

    Set Left=!Left!.%1

    ECHO !Left! | findstr /i "HTTPS://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTPS & Set Left=!Left:HTTPS://=!

    ECHO !Left! | findstr /i "HTTP://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTP & Set Left=!Left:HTTP://=!

    shift

    if "%1" NEQ "" GOTO SPLIT

)



    

IF NOT DEFINED Type (

    ECHO Domain

    Set Type=*

) ELSE (

    ECHO URL

)



REG ADD "%basekey%\Domains\%Right%%Left%" /v !Type! /t REG_DWORD /f /d 0x2

GOTO :EOF



:IPRANGE



echo %ipaddr% is an IP Range

for /f "tokens=*" %%a in ('reg query "%basekey%\Ranges" 2^>^&1 ^| findstr /i "%basekey%\Ranges\Range" 2^>^&1') do (

  for /f %%b in ('reg query "%%a" 2^>^&1 ^| findstr "%ipAddr%"') do reg delete "%%a" /f >NUL

)



set /a cnt=0



:NEXTRANGE



set /a cnt+=1



set key=%basekey%\Ranges\Range%cnt%



for /f %%a in ('reg query "%key%" 2^>^&1 ^| findstr /i /c:ERROR:') do goto GOTRANGE



goto NEXTRANGE



:GOTRANGE



reg ADD "%key%" >NUL



echo Adding Range%cnt%



reg ADD "%key%" /v http /t REG_DWORD /d 0x2 >NUL

reg ADD "%key%" /v :Range /t REG_SZ /d %ipAddr% >NUL

Open in new window

0
 

Author Comment

by:Ryan Bennett
ID: 33976119
Ok, I tried this last version and it appears to be working. The only difference I see between adding the  entries and using this script is that when you run the script and there is a *. before the domain name (*.utah.gov) it creates a separate key for the * . Adding them manually does not create this key.
IE... using these as an example *.utah.gov and *.dws.utah.gov
Using script:
...\ZoneMap\Domains\utah.gov
...\ZoneMap\Domains\utah.gov\*
...\ZoneMap\Domains\utah.gov*.dws

Manually entered:
...\ZoneMap\Domains\utah.gov
...\ZoneMap\Domains\utah.gov\*.dws

Not sure if this even matters or if it will cause any unforeseen problems down the road, but as is stands it appears to be working.

 Any thoughts or concerns with this as it stands right now?

Thanks.
0
 

Author Comment

by:Ryan Bennett
ID: 33976133
Sorry, a few type-os in the last post... I meant....

Ok, I tried this last version and it appears to be working. The only difference I see between adding the  entries manually, and using this script is that when you run the script and there is a *. before the domain name (*.utah.gov) it creates a separate key for the * . Adding them manually does not create this key.

IE... using these as an example *.utah.gov and *.dws.utah.gov
Using script:
...\ZoneMap\Domains\utah.gov
...\ZoneMap\Domains\utah.gov\*
...\ZoneMap\Domains\utah.gov\*.dws

Manually entered:
...\ZoneMap\Domains\utah.gov
...\ZoneMap\Domains\utah.gov\*.dws

Not sure if this even matters or if it will cause any unforeseen problems down the road, but as is stands it appears to be working. What do you think?

 Any thoughts or concerns with accepting this as it stands right now?

Thanks again for the hard work.
0
 
LVL 21

Accepted Solution

by:
AmazingTech earned 500 total points
ID: 33984348
Hmm... We should fix it just in case.
@echo off



SETLOCAL ENABLEDELAYEDEXPANSION



set fileName=ipList.txt



if not "%~1"=="" set fileName=%~1



if not exist "%fileName%" echo %fileName% does not exist&goto :EOF



for /f "tokens=*" %%a in ('type "%fileName%"') do call :PROCESS "%%a" & PAUSE



goto :EOF



:PROCESS



set ipAddr=%~1

set basekey=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap



echo Processing %ipAddr%



echo %ipAddr% | findstr "[a-z]"

if errorlevel 1 GOTO IPRANGE



echo %ipAddr% is a domain or url

Set Left=

Set Right=

Set Type=

CALL :SPLIT %ipaddr:.= %

GOTO :EOF





:SPLIT

if "%3" == "" (

    if "%2" == "" (

        Set Right=%1

    ) else (

        Set Right=%1.%2

    )

    if defined Left Set Left=\%Left:~1%

) Else (

    Set Left=!Left!.%1

    ECHO !Left! | findstr /i "HTTPS://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTPS & Set Left=!Left:HTTPS://=!

    ECHO !Left! | findstr /i "HTTP://">NUL

    if NOT ERRORLEVEL 1 Set Type=HTTP & Set Left=!Left:HTTP://=!

    shift

    if "%1" NEQ "" GOTO SPLIT

)



IF "%LEFT%" == "\*" Set Left=

    

IF NOT DEFINED Type (

    ECHO Domain

    Set Type=*

) ELSE (

    ECHO URL

)



REG ADD "%basekey%\Domains\%Right%%Left%" /v !Type! /t REG_DWORD /f /d 0x2

GOTO :EOF



:IPRANGE



echo %ipaddr% is an IP Range

for /f "tokens=*" %%a in ('reg query "%basekey%\Ranges" 2^>^&1 ^| findstr /i "%basekey%\Ranges\Range" 2^>^&1') do (

  for /f %%b in ('reg query "%%a" 2^>^&1 ^| findstr "%ipAddr%"') do reg delete "%%a" /f >NUL

)



set /a cnt=0



:NEXTRANGE



set /a cnt+=1



set key=%basekey%\Ranges\Range%cnt%



for /f %%a in ('reg query "%key%" 2^>^&1 ^| findstr /i /c:ERROR:') do goto GOTRANGE



goto NEXTRANGE



:GOTRANGE



reg ADD "%key%" >NUL



echo Adding Range%cnt%



reg ADD "%key%" /v http /t REG_DWORD /d 0x2 >NUL

reg ADD "%key%" /v :Range /t REG_SZ /d %ipAddr% >NUL

Open in new window

0
 

Author Comment

by:Ryan Bennett
ID: 33985606
You really are Amazing. That fixed it and everything looks like its working great. Exactly what I was looking for.


 Thanks very much for your help.

RBennett
0
 

Author Closing Comment

by:Ryan Bennett
ID: 33985625
Exactly what I needed, wish I could figure out how to increase the points to so I could give you more.

 Thanks again.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

The following is a collection of cases for strange behaviour when using advanced techniques in DOS batch files. You should have some basic experience in batch "programming", as I'm assuming some knowledge and not further explain the basics. For some…
One of my most closely kept secrets is revealed in this discussion How to output text on the same line This question was recently posted in EE by Simon336697 (http://www.experts-exchange.com/Programming/Languages/Scripting/Shell/Batch/Q_2459…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now