seculabs ebook - windows command line cheat sheet commands
TRANSCRIPT
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 1/20
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 2/20
SECUGENIUS SECURITY SOLUTIONS
--------------------------------------------------------------------------------------
(A UNIT OF HARKSH TECHNOLOGIES PVT. LTD)
Company Profile:
Secugenius Security Solutions is a Student Entrepreneurial Company started by 2 Social Student
Entrepreneurs in 2010 with an aim to make our country Cyber Crime Free. We at SECUGENIUS
are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius
Security Solutions are providing training in Information Security and various professional courses.
Secugenius Security Solutions is an organization which believes in inventing and implementing newideas to influence the technological minds of the youngsters
Looking at the number of Cyber Crimes since last many years, We at Secugenius Security
Solutions provides training on Ethical hacking & Cyber Security to students, IT Professionals, Bank
Employees, Police officials.
Secugenius conducts workshops in all parts of the country in various Colleges/institutions for the
benefit of the students & making them aware of the latest trends in technological era of the
Computer age. We believe in spreading knowledge to all the youngsters & growing minds of the
nation so that they could serve the nation with perfect skill-sets in the field of Cyber Crime
Investigation & Forensic Sciences
Secugenius provides various security solutions to its clients by securing their websites from cyber
attacks. We provide training to college students, graduates and professionals in various fields.
Education is delivered to students through two modes i.e. Regular mode and Distance mode which
are available as short term and long term courses.
In the workshops conducted by Secugenius, participants can claim to be trained by the highly
experienced & skilled corporate trainers from different parts of the nation. We believe in making
the base of students to be as strong as possible. All the modules have been designed in order to
provide students with specialized knowledge by specialized trainers.
This library was furnished, managed and funded by the Founders and Directors of Secugenius
Er. Harpreet Khattar & Er. Kshitij Adhlakha. The overall resource person for the content of
the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security
Solutions.
This Online Digital Library has been initiated as a free resource & permanent
resource on specialization basis for every student of Team Secugenius.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 3/20
Windows Command Line Cheat Sheet Commands
Product ID No: SG/ODL/13041
Founder & Director: Harpreet Khattar & Kshitij Adhlakha
Resource Person: Chetan Soni & Annu Raj
Secugenius Security Solutions
SCO-13A, Model Town Extn, Near Krishna Mandir,
Ludhiana-141002, Punjab – India
[email protected], [email protected]
www.secugenius.com , www.seculabs.in
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 4/20
Windows Command Line Cheat Sheet Commands
Chapter 1 - System Commands
1. Whoami: -- Lists your current user. Not present in all versions of Windows; however shall be
present in Windows NT 6.0-6.1.
2. Whoami /all: -- Lists current user, sid, groups current user is a member of and their sids as wellas current privilege level.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 5/20
3. Set: -- Shows all current environmental variables. Specific ones to look for are USERDOMAIN,USERNAME, USERPROFILE, HOMEPATH, LOGONSERVER, COMPUTERNAME, APPDATA, and
ALLUSERPROFILE.
4. fsutil fsinfo drives:-- Must be an administrator to run this, but it lists the current drives on thesystem.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 6/20
Chapter 2 - Networking commands
1. Ifconfig /all: - Displays the full information about your NIC’s.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 7/20
2. Ipconfig /displaydns: -- Displays your local DNS cache.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 8/20
3. netstat –nabo:-- Lists ports / connections with corresponding process (-b), don’t perform looking(-n), all connections (-a) and owning process ID (-
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 9/20
4. netstat –r:-- Displays the routing table.
5. netstat -na | findstr :445:-- Find all listening ports and connections on port 445.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 10/20
6. netstat -nao | findstr LISTENING:-- Find all LISTENING ports and their associated PIDs.
7. net view:-- Queries NBNS/SMB (SAMBA) and tries to find all hosts in your current workgroup ordomain.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 11/20
8. net view /domain:-- List all domains available to the host.
9. net accounts:-- Prints the password policy for the local system. This can be different andsuperseded by the domain policy.
10. net localgroup administrators: -- Prints the members of the Administrators local group
11. Net share: -- Displays your currently shared SMB entries, and what path(s) they point to.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 12/20
12. arp –a:-- Lists all the systems currently in the machine’s ARP table.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 13/20
13. route print:-- Prints the machine’s routing table. This can be good for finding other networks andstatic routes that have been put in place.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 14/20
14. netsh wlan show profiles:-- shows all saved wireless profiles. You may then export the info forthose profiles with the command below.
15. netsh wlan export profile folder=. key=clear:-- exports a user wifi profile with the passwordin plaintext to an xml file in the current working directory.
16. wmic ntdomain list:--- Retrieve information about Domain and Domain Controller.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 15/20
Chapter 3 - WMI
1. Wmic bios:---
2. wmic qfe qfe get hotfixid
3. wmic startupwmic service
4. wmic process get caption,executablepath,commandline
5. wmic process call create “process_name” (executes a program)
6. wmic process where name=”process_name” call terminate (terminates program)
7. wmic logicaldisk where drivetype=3 get name, freespace, systemname, filesystem,size, volumeserialnumber (hard drive information)
8. wmic useraccount (usernames, sid, and various security related goodies)
9. wmic useraccount get /ALL
10. wmic share get /ALL (you can use ? for gets help ! )
11. wmic startup list full (this can be a huge list!!!)
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 16/20
Chapter 4 - Alerting commands.
1. net user hacker hacker /add:--- Creates a new local (to the victim) user called ‘hacker’ with thepassword of ‘hacker’.
Chapter 5 - Config commands
1. echo %COMSPEC%:--- Usually going to be cmd.exe in the Windows directory, but it’s good toknow for sure.
2. gpresult /z:-- Extremely verbose output of GPO (Group policy) settings as applied to the currentsystem and use
3. sc sq:--
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 17/20
4. sc query:--
5. c:\windows\system32\gathernetworkinfo.vbs:-- Included script with Windows 7,enumerates registry, firewall config, dns cache, etc.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 18/20
Chapter 6 - Binary planting
1. msiexec.exe:--- Basically put evil binary named msiexec.exe in Downloads directory and when ainstaller calls msiexec without specifying path you get code execution.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 19/20
Chapter 7 - Networking commands
1. arp –a:--- Lists all the systems currently in the machine’s ARP table.
7/29/2019 Seculabs eBook - Windows Command Line Cheat Sheet Commands
http://slidepdf.com/reader/full/seculabs-ebook-windows-command-line-cheat-sheet-commands 20/20
Chapter 8 - Finding important files
1. tree C:\ /f /a > C:\output_of_tree.txt:--- Prints a directory listing in ‘tree’ format. The /amakes the tree printed with ASCII characters instead of special ones and the /f displays file namesas well as folders.
2. dir /a:--
3. dir /b /s [Directory or Filename]
4. dir \ /s /b | find /I “searchstring”
5. command | find /c /v “”