« Command line windows » : différence entre les versions

De Banane Atomic
Aller à la navigationAller à la recherche
Ligne 20 : Ligne 20 :
|-
|-
| Local Group Policy Editor || gpeditor
| Local Group Policy Editor || gpeditor
|-
| SQL Server Configuration Manager || SQLServerManager14.msc
|}
|}



Version du 14 mars 2022 à 10:11

Applications

Name Command
Services services.msc
HyperV manager virtmgmt.msc
Disk Management diskmgmt.msc
Device Manager devmgmt.msc
Windows Features optionalfeatures
Registry Editor regedit
Event Viewer eventvwr
Local Group Policy Editor gpeditor
SQL Server Configuration Manager SQLServerManager14.msc

Users and groups

Ps.svg
# list local users
net user

# display account information (groups of which he is a member)
net user [username]

# create an account
net user /add [username] *
# it prompts the password

# delete user
net user [username] /delete

# list local groups
net localgroup

# list the users of a group
net localgroup [groupname]

# add a user to a group
net localgroup administrators [username] /add
# /delete to remove a user from a group

Access Control Lists

Ps.svg
# save the DACLs of c:\folder\file.ext to c:\folder\acl.txt
icacls c:\folder\file.ext /save c:\folder\acl.txt

# restore the DACLs of c:\folder\file.ext from c:\folder\acl.txt
icacls c:\folder\file.ext /restore c:\folder\acl.txt

# grant to User1 the full access permission to c:\folder\file.ext
icacls c:\folder\file.ext /grant User1:F
Basic permissions
Code Description
F Full access
M Modify access
RX Read and execute access
R Read-only access
W Write-only access

Service Controller

sc is located at c:\Windows\System32\sc.exe
Ps.svg
# display the current permissions for MyService as an SDDL string
sc sdshow MyService

# set the permissions for MyService
sc sdset MyService "D:(A;;...)(A;;RPWPCR;;;S-1-5-21-2133228432-2794320136-1823075350-1000)S:(...)"

# get the SID of the current user
whoami /user
Code Description
S: System Access Control List (SACL)
D: Discretionary ACL (DACL)
A Allow
D Deny
CC SERVICE_QUERY_CONFIG : Query the SCM for the service configuration
LC SERVICE_QUERY_STATUS : Query the SCM the current status of the service
SW SERVICE_ENUMERATE_DEPENDENTS : List dependent services
LO SERVICE_INTERROGATE : Query the service its current status
CR SERVICE_USER_DEFINED_CONTROL
RC READ_CONTROL : Query the security descriptor of the service
RP SERVICE_START : Start the service
WP SERVICE_STOP
DT SERVICE_PAUSE_CONTINUE : Pause/Resume the service
DC SERVICE_CHANGE_CONFIG (Change service configuration)
WD WRITE_DAC : Change the permissions of the service
WO WRITE_OWNER : Change the ownership of the service
SD DELETE : The right to delete the service
Security Principal
Code Description
AU Authenticated Users
BA Built-in administrators
BU Built-in users
IU Interactively logged-on user
SU Service logon user
SY Local System
WD Everyone

Boot menu

Ps.svg
# lists entries
bcdedit /v

# add a new entry
bcdedit /copy {current} /d "Description"

# run in Safe mode
bcdedit /set "{guid}" safeboot minimal

# run in Safe Mode with networking support
bcdedit /set {guid} safeboot network

# in addition to safe mode, make it use the command prompt instead of the Explorer shell
bcdedit /set "{guid}" safebootalternateshell yes

Windows defender

Ps.svg
# display settings
Get-MpPreference

# add exclusion path
Add-MpPreference -ExclusionPath "C:\Folder1","C:\Folder2"

# remove exclusion path
Remove-MpPreference -ExclusionPath "C:\Folder"