Essential Windows Command Line Kung-Fu for InfoSec Pros

Published by: api-3726247 on Oct 15, 2008
Copyright: Attribution Non-commercial








•Taskkill kills processes by PID

C:\> taskkill /PID [pid]
–Like Unix/Linux kill -9 [pid]
–Can also make a list of pids and kill them all quickly one after another

C:\> taskkill /PID [pid1] /PID [pid2]

•Taskkill also kills processes by name

C:\> taskkill /IM [name]

–Like Unix/Linux killall -9 [name]

Taskkill lets you kill processes based on various attributes. One nice option is that
you can kill multiple processes on the same command line, provided that you have
their PIDs. You can do this by typing:

C:\> taskkill /PID [pid1] /PID [pid2]

Or, you can kill a process based on its name by typing:

C:\> taskkill /IM [name]


Essential Windows Command-Line Kung Fu - ©2006, Skoudis

Using tasklist and taskkill



Let’s look at tasklist and taskkill quickly…

In Step 1, run the following command to see all of the services associated with each

C:\> tasklist /svc

Wow! Svchost.exe is one busy little process, isn’t it? Thanks, Microsoft, for
bundling all of that splendid functionality into one process.

Now, let’s kill our cmd.exe based on its name, as follows:

C:\> taskkill /IM cmd.exe
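
The following added example is not from the original slides. It parses `tasklist /svc` output (CSV form, `/fo csv /nh`) and builds the multi-PID `taskkill /PID [pid1] /PID [pid2]` line shown earlier, refusing when a matching process hosts services (the svchost.exe case) and letting you spare chosen PIDs, since `/IM cmd.exe` matches every cmd.exe instance. Python is used so it runs offline against an embedded sample; the sample rows, the PIDs and the helper names `parse_tasklist_svc` and `build_taskkill` are constructed for illustration, and English-locale output ("N/A" for no services) is assumed.

```python
import csv
import io

# Constructed sample of `tasklist /svc /fo csv /nh` output (English locale assumed).
SAMPLE = '''"System Idle Process","0","N/A"
"svchost.exe","1040","DcomLaunch,TermService"
"svchost.exe","1180","RpcSs"
"cmd.exe","3412","N/A"
"cmd.exe","5120","N/A"
"notepad.exe","4488","N/A"
'''


def parse_tasklist_svc(text):
    """Return a list of (image, pid, [services]) from CSV tasklist /svc output."""
    rows = []
    for rec in csv.reader(io.StringIO(text)):
        if len(rec) != 3 or not rec[1].isdigit():
            continue  # skip blank lines, INFO: messages, or a header row
        image, pid, svc = rec
        services = [] if svc.strip() == "N/A" else [s.strip() for s in svc.split(",")]
        rows.append((image, int(pid), services))
    return rows


def build_taskkill(rows, image, keep_pids=()):
    """Build one `taskkill /PID a /PID b` line covering every instance of image.

    Raises ValueError if a matching instance hosts services, so a shared
    svchost.exe is never killed by name. keep_pids spares e.g. your own shell.
    Returns None when nothing matches.
    """
    targets = [r for r in rows
               if r[0].lower() == image.lower() and r[1] not in keep_pids]
    hosting = {pid: svcs for _, pid, svcs in targets if svcs}
    if hosting:
        raise ValueError(f"{image} hosts services: {hosting}")
    if not targets:
        return None
    return "taskkill " + " ".join(f"/PID {pid}" for _, pid, _ in targets)


if __name__ == "__main__":
    rows = parse_tasklist_svc(SAMPLE)
    print(build_taskkill(rows, "cmd.exe", keep_pids={3412}))
```

On a live system, the input would come from `tasklist /svc /fo csv /nh` redirected to a file and read in place of `SAMPLE`.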



Windows Command-Line Kung Fu

•Introduction and Overview
•Command Shell Stuff
•The Wonderful World of WMIC
•Other Odds and Ends
•Some Exercises to Think About

And now, some conclusions… followed by exercises for you to think about. We
won’t cover the answers for the exercises on the webcast. Feel free to do them on
your own at a later time, and check the answers against the slides included at the end
of this PDF.


