
Windows Command-Line Obfuscation

Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently, making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables.

He who wishes to be obeyed must know how to command.
Machiavelli (Discourses on Livy III, Chapter XXII)

It turns out that when it comes to computers, this sixteenth-century quote still very much applies. After all, on most operating systems, processes have a ‘command line’ component, which allows the (initiating) parent process to pass on information to the child process. The command line is accessible to this newly created process, which may change its process flow based on what is found on the command line. This concept is at the core of what makes ‘the computer’: its ability to execute a set of instructions, programs, taking input of sorts.

Despite its fundamental role in computing, there doesn’t appear to be agreement on what to call the various parts that can be found on command lines. Some consider command-line arguments, parameters, options, flags and switches to be one and the same; to others they have different meanings. This post will be using the following terminology:

The line in its entirety is the command line, which is composed of command-line arguments (separated by spaces). Although all are arguments, they have different roles: for example, the first argument is typically the process that is being called - or, if you are within a command prompt, this would be the command. In the above example it is followed by more arguments. More specifically, the first three are command-line options, which typically start with a special character. Of these three options, the first two are switches because they don’t require further input, whereas the third is a flag because it is followed by further arguments that are ‘inputs’ for this argument.

The option char is the character that is used as a prefix on command-line options.
