Command line windows
Apparence
Applications
Name | Command |
---|---|
Services | services.msc |
HyperV manager | virtmgmt.msc |
Disk Management | diskmgmt.msc |
Device Manager | devmgmt.msc |
Windows Features | optionalfeatures |
Registry Editor | regedit |
Event Viewer | eventvwr |
Local Group Policy Editor | gpedit |
SQL Server Configuration Manager | SQLServerManager14.msc |
Component Services | dcomcnfg.exe |
Control Panel tools
Name | Command |
---|---|
Network Connections | ncpa.cpl |
Add/Remove Programs | appwiz.cpl |
Users and groups
whoami # current user
whoami /groups # current user groups
# list local users
net user
# display account information (groups of which he is a member)
net user [username]
# create an account
net user /add [username] *
# it prompts the password
# delete user
net user [username] /delete
# list local groups
net localgroup
# list the users of a group
net localgroup "group name"
# add a user to a group
net localgroup administrators [username] /add
# /delete to remove a user from a group
# username ex: IDENTITY\firstname.lastname
|
Access Control Lists
# save the DACLs of c:\folder\file.ext to c:\folder\acl.txt
icacls c:\folder\file.ext /save c:\folder\acl.txt
# restore the DACLs of c:\folder\file.ext from c:\folder\acl.txt
icacls c:\folder\file.ext /restore c:\folder\acl.txt
# grant to User1 the full access permission to c:\folder\file.ext
icacls c:\folder\file.ext /grant User1:F
|
Code | Description |
---|---|
F | Full access |
M | Modify access |
RX | Read and execute access |
R | Read-only access |
W | Write-only access |
Service Controller
![]() |
sc is located at c:\Windows\System32\sc.exe |
# display the current permissions for MyService as an SDDL string
sc sdshow MyService
# set the permissions for MyService
sc sdset MyService "D:(A;;...)(A;;RPWPCR;;;S-1-5-21-2133228432-2794320136-1823075350-1000)S:(...)"
# get the SID of the current user
whoami /user
|
Code | Description |
---|---|
S: | System Access Control List (SACL) |
D: | Discretionary ACL (DACL) |
A | Allow |
D | Deny |
CC | SERVICE_QUERY_CONFIG : Query the SCM for the service configuration |
LC | SERVICE_QUERY_STATUS : Query the SCM the current status of the service |
SW | SERVICE_ENUMERATE_DEPENDENTS : List dependent services |
LO | SERVICE_INTERROGATE : Query the service its current status |
CR | SERVICE_USER_DEFINED_CONTROL |
RC | READ_CONTROL : Query the security descriptor of the service |
RP | SERVICE_START : Start the service |
WP | SERVICE_STOP |
DT | SERVICE_PAUSE_CONTINUE : Pause/Resume the service |
DC | SERVICE_CHANGE_CONFIG (Change service configuration) |
WD | WRITE_DAC : Change the permissions of the service |
WO | WRITE_OWNER : Change the ownership of the service |
SD | DELETE : The right to delete the service |
Code | Description |
---|---|
AU | Authenticated Users |
BA | Built-in administrators |
BU | Built-in users |
IU | Interactively logged-on user |
SU | Service logon user |
SY | Local System |
WD | Everyone |
# lists entries
bcdedit /v
# add a new entry
bcdedit /copy {current} /d "Description"
# run in Safe mode
bcdedit /set "{guid}" safeboot minimal
# run in Safe Mode with networking support
bcdedit /set {guid} safeboot network
# in addition to safe mode, make it use the command prompt instead of the Explorer shell
bcdedit /set "{guid}" safebootalternateshell yes
|
Windows defender
# display settings
Get-MpPreference
# add exclusion path
Add-MpPreference -ExclusionPath "C:\Folder1","C:\Folder2"
# remove exclusion path
Remove-MpPreference -ExclusionPath "C:\Folder"
|
Change IP address and DNS servers
# network information
netsh interface ipv4 show config
# set the IP address, subnet mask, and default gateway
netsh interface ipv4 set address name="Ethernet 1" static 192.168.0.1 255.255.255.0 192.168.0.254
# set the DNS servers
netsh interface ipv4 set dns name="Ethernet 1" static 8.8.8.8
netsh interface ipv4 set dns name="Ethernet 1" static 8.8.4.4 index=2
# set the network interface to use an IP address provided by a DHCP server
netsh interface ipv4 set address name=”Ethernet 1” source=dhcp
# set the network interface to use DNS servers provided by a DHCP server
netsh interface ipv4 set dnsservers name="Ethernet 1" source=dhcp
|