Command line windows

From Banane Atomic

Applications

Name               Command
Services           services.msc
Hyper-V Manager    virtmgmt.msc
Disk Management    diskmgmt.msc
Device Manager     devmgmt.msc
Windows Features   optionalfeatures
Registry Editor    regedit
Event Viewer       eventvwr

Users and groups

# list local users
net user

# display account information (including the groups the user belongs to)
net user [username]

# create an account
net user /add [username] *
# the * makes net user prompt for the password instead of taking it on the command line

# delete user
net user [username] /delete

# list local groups
net localgroup

# list the users of a group
net localgroup [groupname]

# add a user to a group (here the local administrators group)
net localgroup administrators [username] /add
# use /delete instead of /add to remove a user from a group

Access Control Lists

# save the DACLs of c:\folder\file.ext to c:\folder\acl.txt
icacls c:\folder\file.ext /save c:\folder\acl.txt

# restore the DACLs of c:\folder\file.ext from c:\folder\acl.txt
# /restore takes the parent folder: the paths stored in acl.txt are relative to it
icacls c:\folder /restore c:\folder\acl.txt

# grant User1 full access to c:\folder\file.ext
icacls c:\folder\file.ext /grant User1:F

Basic permissions
Code   Description
F      Full access
M      Modify access
RX     Read and execute access
R      Read-only access
W      Write-only access

Service Controller

# display the current permissions for MyService as an SDDL string
# sc.exe rather than sc: in Windows PowerShell, sc is an alias for Set-Content
sc.exe sdshow MyService

# set the permissions for MyService
sc.exe sdset MyService "D:(A;;...)(A;;RPWPCR;;;S-1-5-21-2133228432-2794320136-1823075350-1000)S:(...)"

# get the SID of the current user
whoami /user

Code   Description
S:     System Access Control List (SACL)
D:     Discretionary ACL (DACL)
A      Allow
D      Deny
CC     SERVICE_QUERY_CONFIG: Query the SCM for the service configuration
LC     SERVICE_QUERY_STATUS: Query the SCM for the current status of the service
SW     SERVICE_ENUMERATE_DEPENDENTS: List dependent services
LO     SERVICE_INTERROGATE: Ask the service for its current status
CR     SERVICE_USER_DEFINED_CONTROL
RC     READ_CONTROL: Query the security descriptor of the service
RP     SERVICE_START: Start the service
WP     SERVICE_STOP
DT     SERVICE_PAUSE_CONTINUE: Pause/Resume the service
DC     SERVICE_CHANGE_CONFIG: Change the service configuration
WD     WRITE_DAC: Change the permissions of the service
WO     WRITE_OWNER: Change the ownership of the service
SD     DELETE: The right to delete the service

Security Principal
Code   Description
AU     Authenticated Users
BA     Built-in administrators
BU     Built-in users
IU     Interactively logged-on user
SU     Service logon user
SY     Local System
WD     Everyone
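
To read the output of sc sdshow with the tables above, the following added example (not part of the original page) decodes each DACL entry and marks Allow entries that give a broad principal the right to change the service's configuration, permissions or ownership. The function name Get-ServiceDaclReport and the sample SDDL string are constructed for illustration.

```powershell
# Added example, not from the original page. Get-ServiceDaclReport is a
# hypothetical helper name; the code tables are the ones listed above.
function Get-ServiceDaclReport {
    param([Parameter(Mandatory)][string]$Sddl)

    $rightNames = @{
        CC = 'SERVICE_QUERY_CONFIG'; LC = 'SERVICE_QUERY_STATUS'
        SW = 'SERVICE_ENUMERATE_DEPENDENTS'; LO = 'SERVICE_INTERROGATE'
        CR = 'SERVICE_USER_DEFINED_CONTROL'; RC = 'READ_CONTROL'
        RP = 'SERVICE_START'; WP = 'SERVICE_STOP'; DT = 'SERVICE_PAUSE_CONTINUE'
        DC = 'SERVICE_CHANGE_CONFIG'; WD = 'WRITE_DAC'; WO = 'WRITE_OWNER'; SD = 'DELETE'
    }
    $principalNames = @{
        AU = 'Authenticated Users'; BA = 'Built-in administrators'; BU = 'Built-in users'
        IU = 'Interactively logged-on user'; SU = 'Service logon user'
        SY = 'Local System'; WD = 'Everyone'
    }
    $broadPrincipals = 'AU', 'BU', 'IU', 'WD'   # principals that include ordinary users
    $sensitiveRights = 'DC', 'WD', 'WO'         # change config, permissions or owner

    # Isolate the DACL: "D:", optional flags, then one or more "(...)" ACEs.
    if ($Sddl -notmatch 'D:[A-Z]*((?:\([^)]*\))+)') { throw 'No DACL found in the SDDL string.' }

    foreach ($ace in [regex]::Matches($Matches[1], '\(([^)]*)\)')) {
        # ACE fields: type;flags;rights;object guid;inherit object guid;trustee
        $f = $ace.Groups[1].Value -split ';'
        $trustee = [string]$f[5]
        $codes = @([regex]::Matches([string]$f[2], '[A-Z]{2}') | ForEach-Object { $_.Value })
        if ($codes.Count -eq 0) { $codes = @([string]$f[2]) }   # e.g. a hex mask: show it raw
        $risky = @($codes | Where-Object { $_ -in $sensitiveRights })
        [pscustomobject]@{
            Type      = if ($f[0] -eq 'A') { 'Allow' } elseif ($f[0] -eq 'D') { 'Deny' } else { $f[0] }
            Principal = if ($principalNames.ContainsKey($trustee)) { $principalNames[$trustee] } else { $trustee }
            Rights    = ($codes | ForEach-Object { if ($rightNames.ContainsKey($_)) { $rightNames[$_] } else { $_ } }) -join ', '
            Review    = ($f[0] -eq 'A') -and ($trustee -in $broadPrincipals) -and ($risky.Count -gt 0)
        }
    }
}

# Constructed sample descriptor, in the format printed by "sc.exe sdshow <service>".
$sample = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;RPWPDC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)'
Get-ServiceDaclReport -Sddl $sample | Format-Table -AutoSize -Wrap
```

In the sample, only the entry granting DC (SERVICE_CHANGE_CONFIG) to AU is marked for review; the SACL after S: is not part of the report.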

Boot menu

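# list entries
bcdedit /v

# add a new entry (a copy of the current one; the command prints the GUID of the new entry)
# the identifier is quoted because PowerShell treats bare { } as a script block
bcdedit /copy "{current}" /d "Description"

# make the entry boot in Safe Mode
bcdedit /set "{guid}" safeboot minimal

# make the entry boot in Safe Mode with networking support
bcdedit /set "{guid}" safeboot network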

# in addition to safe mode, make it use the command prompt instead of the Explorer shell
bcdedit /set "{guid}" safebootalternateshell yes

Windows Defender

# display settings
Get-MpPreference

# add exclusion path
Add-MpPreference -ExclusionPath "C:\Folder1","C:\Folder2"

# remove exclusion path
Remove-MpPreference -ExclusionPath "C:\Folder"