Command line windows

De Banane Atomic
Version datée du 20 août 2022 à 13:22 par Nicolas (discussion | contributions) (→‎Users and groups)
(diff) ← Version précédente | Voir la version actuelle (diff) | Version suivante → (diff)
Aller à la navigationAller à la recherche

Applications

Name Command
Services services.msc
HyperV manager virtmgmt.msc
Disk Management diskmgmt.msc
Device Manager devmgmt.msc
Windows Features optionalfeatures
Registry Editor regedit
Event Viewer eventvwr
Local Group Policy Editor gpedit
SQL Server Configuration Manager SQLServerManager14.msc
Component Services dcomcnfg.exe

Control Panel tools

Name Command
Network Connections ncpa.cpl
Add/Remove Programs appwiz.cpl

Users and groups

Ps.svg
whoami          # current user
whoami /groups  # current user groups

# list local users
net user

# display account information (groups of which he is a member)
net user [username]

# create an account
net user /add [username] *
# it prompts the password

# delete user
net user [username] /delete

# list local groups
net localgroup

# list the users of a group
net localgroup "group name"

# add a user to a group
net localgroup administrators [username] /add
# /delete to remove a user from a group
# username ex: IDENTITY\firstname.lastname

Access Control Lists

Ps.svg
# save the DACLs of c:\folder\file.ext to c:\folder\acl.txt
icacls c:\folder\file.ext /save c:\folder\acl.txt

# restore the DACLs of c:\folder\file.ext from c:\folder\acl.txt
icacls c:\folder\file.ext /restore c:\folder\acl.txt

# grant to User1 the full access permission to c:\folder\file.ext
icacls c:\folder\file.ext /grant User1:F
Basic permissions
Code Description
F Full access
M Modify access
RX Read and execute access
R Read-only access
W Write-only access

Service Controller

sc is located at c:\Windows\System32\sc.exe
Ps.svg
# display the current permissions for MyService as an SDDL string
sc sdshow MyService

# set the permissions for MyService
sc sdset MyService "D:(A;;...)(A;;RPWPCR;;;S-1-5-21-2133228432-2794320136-1823075350-1000)S:(...)"

# get the SID of the current user
whoami /user
Code Description
S: System Access Control List (SACL)
D: Discretionary ACL (DACL)
A Allow
D Deny
CC SERVICE_QUERY_CONFIG : Query the SCM for the service configuration
LC SERVICE_QUERY_STATUS : Query the SCM the current status of the service
SW SERVICE_ENUMERATE_DEPENDENTS : List dependent services
LO SERVICE_INTERROGATE : Query the service its current status
CR SERVICE_USER_DEFINED_CONTROL
RC READ_CONTROL : Query the security descriptor of the service
RP SERVICE_START : Start the service
WP SERVICE_STOP
DT SERVICE_PAUSE_CONTINUE : Pause/Resume the service
DC SERVICE_CHANGE_CONFIG (Change service configuration)
WD WRITE_DAC : Change the permissions of the service
WO WRITE_OWNER : Change the ownership of the service
SD DELETE : The right to delete the service
Security Principal
Code Description
AU Authenticated Users
BA Built-in administrators
BU Built-in users
IU Interactively logged-on user
SU Service logon user
SY Local System
WD Everyone

Boot menu

Ps.svg
# lists entries
bcdedit /v

# add a new entry
bcdedit /copy {current} /d "Description"

# run in Safe mode
bcdedit /set "{guid}" safeboot minimal

# run in Safe Mode with networking support
bcdedit /set {guid} safeboot network

# in addition to safe mode, make it use the command prompt instead of the Explorer shell
bcdedit /set "{guid}" safebootalternateshell yes

Windows defender

Ps.svg
# display settings
Get-MpPreference

# add exclusion path
Add-MpPreference -ExclusionPath "C:\Folder1","C:\Folder2"

# remove exclusion path
Remove-MpPreference -ExclusionPath "C:\Folder"

Change IP address and DNS servers

Ps.svg
# network information
netsh interface ipv4 show config

# set the IP address, subnet mask, and default gateway
netsh interface ipv4 set address name="Ethernet 1" static 192.168.0.1 255.255.255.0 192.168.0.254

# set the DNS servers
netsh interface ipv4 set dns name="Ethernet 1" static 8.8.8.8
netsh interface ipv4 set dns name="Ethernet 1" static 8.8.4.4 index=2

# set the network interface to use an IP address provided by a DHCP server
netsh interface ipv4 set address name=”Ethernet 1” source=dhcp

# set the network interface to use DNS servers provided by a DHCP server
netsh interface ipv4 set dnsservers name="Ethernet 1" source=dhcp