Windows:CommandLine

From DN Wiki
Jump to navigation Jump to search

MD5/SHA256 Hash

certUtil -hashfile FILENAME [SHA256|MD5]


cmd.exe

Apparently cmd.exe no longer has a default startup script. According to Stackoverflow you have to configure it in the registry. Add a string value named AutoRun to one of these keys and set the value to the full path of the startup script.

HKCU\Software\Microsoft\Command Processor
HKLM\Software\Microsoft\Command Processor
HKLM\Software\Wow6432Node\Microsoft\Command Processor
Yes, I should probably learn Powershell but I have enough shit to learn and powershell uses insanely long hyphenated commands. I know you can tab complete but still, WTF? Also, After being Windows-free and generally Microsoft free for five years and coming back, I've realized that Microsoft makes shit. The issue is largely the UI. I like having a lot of options but the MS UI are sooo freaking busy that I can never find anything.


Dir Sort Order

From CLI use /o:GN. Make it permanent with setx DIRCMD "/o:gn" or otherwise adding an environment variable like set DIRCMD="o:gn", perhaps in that startup script I mentioned above.

Home Folder

echo %HOMEDRIVE%%HOMEPATH% will echo your home drive and folder.

Network Info

netsh is a PITA with it's long, mutli-level syntax but it gives better answers than ipconfig for a lot of things.

ip info

  • netsh interface ip show config
  • You can also get a specific connection with:
    • netsh interface ip show config "Connection Name"
  • Filtered ipconfig version to show Connection Name, MAC and IP
    • ipconfig /all | findstr "adapter Physical IPv4"

WLAN BSSID

  • netsh wlan show interfaces
  • netsh wlan show networks mod=bssid

Routing table

  • netsh interface ip show route
  • route print -4

MAC

  • netsh lan show interfaces
    • If it tells you "The Wired AutoConfig Service (dot3svc) is not running." you can start it with net start dot3svc and then stop it with net stop dot3svc.
  • getmac /V | findstr /V disconnected
  • Powershell
    • Get-CimInstance win32_networkadapterconfiguration | select description, macaddress | where {$_.MACAddress -ne $null }
  • For a remote Windows computer:
    • nbtstat -a 10.11.12.13

For Loop Ping Sweep

From: https://www.rubyguides.com/2012/02/cli-ninja-ping-sweep/

for /L %i in (1,1,255) do @ping -n 1 -w 200 192.168.1.%i > nul && echo 192.168.1.%i is up.

As you can see the idea is the same, -n being the equivalent of -c in Linux’s ping and -w is the timeout, then we send the output to nul and echo only if the ping command was successful (that’s what the && is for)

User Info

whoami /groups: Shows what AD groups the current user is in.