Useful Commands
connected to
hostname \\hostname of the box and
echo %username% \\what user we are connected as
whoami \\what user we are connected as
echo %path% \\
net users \\ list the other user accounts on the box
net user user1 \\view user1's information in a bit more detail
wmic useraccount get name,sid \\show SID
ipconfig /all \\available network interfaces
route print \\route print
arp -A \\ARP (Address Resolution Protocol) cache table
netstat -ano \\active network connections
netsh firewall show state \\firewall state
netsh firewall show config \\firewall rules
PSEXEC -i -s -d CMD \\CMD as System
schtasks /query /fo LIST /v \\verbose output for all scheduled tasks
tasklist /SVC \\tasklist /SVC
net start \\Windows services started
DRIVERQUERY \\drivers
wmic qfe get Caption,Description,HotFixID,InstalledOn \\installed updates/patches
wmic qfe get Caption,Description,HotFixID,InstalledOn | findstr /C:"KB979682" /C:"KB2592799" \\search for missing patches!!
dir /s *pass* == *cred* == *vnc* == *.config* \\ search the file system for file names containing keywords
findstr /si password *.xml *.ini *.txt \\
rundll32.exe keymgr.dll,KRShowKeyMgr
C:\>netsh
netsh>winhttp
netsh winhttp>import proxy source=ie
rundll32.exe user32.dll,LockWorkStation - lock workstation
wmic nicconfig where index=8 call SetTcpipNetbios 2 \\disable NetBIOS over TCP/IP
sysdm.cpl
alt+f4 - shut down
shift+rightclick - copy as path !!!
control shift+rightclick taskbar -> exit explorer
task manager - file _ CONTROL+RIGHTCLICK -> CMD ADMIN RIGHTS
STEPS RECORDER - AUTOMATIC CREATION OF STEPS
SNIPPING TOOL
whoami /all - shows my privileges
psexec -sid cmd.exe - (system rights, interactive, don't wait)
taskschd.exe with system rights - see update for group policy
procexp (sysinternals) shows threads!!! vs task manager shows processes
icacls /setintegritylevel medium - to control uncontrollable files. INTEGRITY LEVELS BEAT NTFS AND SHARE PERMISSIONS
administrator is not root!!!
wmicinfo.bat\\script
for /f "delims=" %%A in ('dir /s /b %WINDIR%\system32\*htable.xsl') do set "var=%%A"
Typically these are the directories that contain the configuration files (however it
is a good idea to check the entire OS):
c:\sysprep.inf
c:\sysprep\sysprep.xml
%WINDIR%\Panther\Unattend\Unattended.xml
%WINDIR%\Panther\Unattended.xml
SIDs may be in either numerical or friendly name form. If you use a numerical
form, affix the wildcard character * to the beginning of the SID.
icacls preserves the canonical order of ACE entries as:
Explicit denials
Explicit grants
Inherited denials
Inherited grants
Perm is a permission mask that can be specified in one of the following forms:
A sequence of simple rights:
F (full access)
M (modify access)
RX (read and execute access)
R (read-only access)
W (write-only access)
A comma-separated list in parentheses of specific rights:
D (delete)
RC (read control)
WDAC (write DAC)
WO (write owner)
S (synchronize)
AS (access system security)
MA (maximum allowed)
GR (generic read)
GW (generic write)
GE (generic execute)
GA (generic all)
RD (read data/list directory)
WD (write data/add file)
AD (append data/add subdirectory)
REA (read extended attributes)
WEA (write extended attributes)
X (execute/traverse)
DC (delete child)
RA (read attributes)
WA (write attributes)
Inheritance rights may precede either Perm form, and they are applied only to
directories:
(OI): object inherit
(CI): container inherit
(IO): inherit only
(NP): do not propagate inherit
(I) "Inherited": This ACE was inherited from the parent container.
(OI) "Object inherit": This ACE will be inherited by objects placed in this
container.
(CI) "Container inherit": This ACE will be inherited by subcontainers placed in
this container.
(IO) "Inherit only": This ACE will be inherited (see OI and CI), but does not
apply to this object itself.
(NP) "Do not propagate": This ACE will be inherited by objects and subcontainers
one level deep; it will not apply to things inside subcontainers.
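
The permission masks and inheritance flags listed above can be decoded mechanically when reviewing ACLs. The following is an added example, not part of the original notes: a Python parser for icacls-style ACE strings that reports broad principals holding write-like rights. The path C:\Apps\Svc, the sample output, the WRITE_LIKE and BROAD sets, and the handling of a (DENY) marker in the output are assumptions of this example.

```python
import re

# Rights codes as listed in the icacls text above.
RIGHTS = {"F": "full access", "M": "modify access", "RX": "read and execute access",
          "R": "read-only access", "W": "write-only access", "D": "delete", "RC": "read control",
          "WDAC": "write DAC", "WO": "write owner", "S": "synchronize", "MA": "maximum allowed",
          "AS": "access system security", "GR": "generic read", "GW": "generic write",
          "GE": "generic execute", "GA": "generic all", "RD": "read data/list directory",
          "WD": "write data/add file", "AD": "append data/add subdirectory", "X": "execute/traverse",
          "REA": "read extended attributes", "WEA": "write extended attributes",
          "DC": "delete child", "RA": "read attributes", "WA": "write attributes"}
INHERIT = {"I", "OI", "CI", "IO", "NP"}  # inheritance flags from the same text
WRITE_LIKE = {"F", "M", "W", "D", "WDAC", "WO", "GW", "GA", "WD", "AD", "DC"}  # assumption
BROAD = {"everyone", "builtin\\users", "nt authority\\authenticated users"}  # assumption
ACE_RE = re.compile(r"^([^:(]+):((?:\([^)]*\))+)$")

def parse_ace(text):
    """Decode one 'Principal:(..)(..)' entry; None if the line is not an ACE."""
    m = ACE_RE.match(text.strip())
    if not m:
        return None
    ace = {"principal": m.group(1).strip(), "deny": False, "inherit": [], "rights": []}
    for group in re.findall(r"\(([^)]*)\)", m.group(2)):
        tokens = [t.strip() for t in group.split(",")]
        if tokens == ["DENY"]:
            ace["deny"] = True
        elif len(tokens) == 1 and tokens[0] in INHERIT:
            ace["inherit"] += tokens
        else:
            ace["rights"] += tokens
    return ace

def audit(path, icacls_output):
    """Return (principal, rights) pairs where a broad principal is granted write-like access."""
    findings = []
    for line in icacls_output.splitlines():
        ace = parse_ace(line.strip().removeprefix(path))  # first line is prefixed by the path
        if ace and not ace["deny"] and ace["principal"].lower() in BROAD:
            risky = [f"{r} ({RIGHTS[r]})" for r in sorted(set(ace["rights"]) & WRITE_LIKE)]
            if risky:
                findings.append((ace["principal"], risky))
    return findings

# Constructed sample output for a hypothetical directory; not captured from a real system.
SAMPLE = r"""C:\Apps\Svc NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
            BUILTIN\Users:(OI)(CI)(RX,WD,AD)
            Everyone:(DENY)(W)
            NT AUTHORITY\Authenticated Users:(I)(M)
Successfully processed 1 files; Failed processing 0 files"""
```

Calling audit(r"C:\Apps\Svc", SAMPLE) returns the BUILTIN\Users and Authenticated Users entries; the deny ACE and the SYSTEM entry are not reported.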