reading a .bat file

[ShuckyD]

I have a .bat file here which is very well "un-documented" if i can say so myself

Anyway its something that a certain dept. knows to run everyday and is simply called t.bat, so someone came over to me today and said can you write something up in case this breaks, we have no idea what it does, and see the thing is the person who wrote it (awhile back) has left the company

So here goes the code, i think i got some of it, but I wanted to know what you guys may get from it that I am missing.

Code:

SET TMP=tmp_ftp_script
SET URL=ftp.unnamedsite.com
SET USR=anonymous
SET PAS=info@mydomain.com

echo open %URL%>%TMP%
echo %USR%>>%TMP%
echo %PAS%>>%TMP%
echo put \\servername\directory\newfiles\custom.txt%1>>%TMP%
echo quit>>%TMP%
ftp -s:%TMP%
pause

What does the "1" mean after the UNC path of the servername and filename also what is the tmp_ftp_script used for? Is it only to hold a temp file of the things that happened when the bat file ran?

[Steve R Jones]

When I see files like this I zap it and start scanning for viruses.....

SET USR=anonymous
SET PAS=info@mydomain.com

Look like it's making it easier for someone/anyone to FTP into the machine in question.

[ShuckyD]

i know

The usr i guess is the FTP username and Pas is the password... its an FTP site for a big organization to, they run this program and it uploads the file to them for reporting purposes... How can i see what its doing better and document it more.. I know FTP via a .bat file is scary, especially since I didnt know about it

[Keymaker]

Looks like a way of logging passwords. Hench the temp directory used.

[Ebisoba]

Well looks like it's uploading this file \\servername\directory\newfiles\custom.txt to the ftp site. Can you check the server specified and see what's inside custom.txt?