1. How to open cmd
Type cmd in the taskbar search box to open it
Type cmd in the address bar of a folder window to open it in that folder
Win + R to open Run ---> type cmd ---> press Enter to open the command prompt window
Win + R to open Run ---> type cmd ---> Ctrl+Shift+Enter to open cmd with administrator privileges
From an open cmd window, run: runas /user:administrator cmd
You are asked for the administrator password, and a cmd window with administrator privileges opens
2. Windows common commands
Add /? after the command to check the parameters of the corresponding command
dir
dir d:\
dir /a #Browse all content, including hidden content
dir /a:d #list all directories
dir /a:h #list all hidden files
cd foldername #Enter the folder
cd .. #Return to the parent directory
cd \ #Return directly to the root directory
c: or d: or e: #Switch partition
Tab #Path completion
md folder #Create a new directory
rd folder #Delete an empty folder
rd folder /s /q #Delete the folder and everything in it without prompting
.\123 #Relative path: resolved from the current path
\123 #Absolute path: write the path from the root
echo string > [path\]filename.extension
>> #Append: redirects the output of a command to the end of a file; the file is created if it does not exist
> #Overwrite: redirects the output of a command to a file, replacing its content; the file is created if it does not exist
type filename.extension #Browse the content of a file; can also be used to create an empty text file
type nul > test.txt
more filename.extension #Display text file content screen by screen
findstr "string" filename.extension #Search for a string in the file
findstr "a" test.txt #Search for lines containing the character "a" in the test.txt file
findstr "^a" test.txt #Search for lines starting with the character "a" in the test.txt file
findstr "a$" test.txt #Search for lines ending with the character "a" in the test.txt file
& #Run the commands in sequence, whether or not each one succeeds
&& #Run the commands in sequence; stop at the first command that fails
|| #Run the commands in sequence; stop at the first command that succeeds
| #Pass the output of the first command to the second command as its input
del filename.extension #delete file
attrib attribute filename.extension #Display or change file attributes
attrib +r filename/foldername #Add the read-only attribute
attrib +s +h filename/foldername #Add the system and hidden attributes; s means system file, h means hidden file
Note: change + to - to remove an attribute
copy #Copy one or more files to the specified location
xcopy /s #Copy directories and subdirectories, but do not include empty directories
xcopy /e #Copy directories and subdirectories, including empty directories
move #Move files and rename files and directories, but you cannot move folders across partitions
ren #file or directory rename
### Find Files ###
## Find files with the dir command
/s means to list all files in the current directory including subdirectories
/b is to list only the file name, while other information such as date and size are ignored
### Find File Contents ###
## Use the findstr command to find the contents of the file
/s Searches for a match in files in the current directory and all subdirectories
/n Displays the line number of the matching line
## Find the contents of the file with the find command
/N displays the line number of the matching line
/I ignore case when searching for strings
/C only show the number of lines containing the string
/V displays all lines that do not contain the specified string
3. Network operation commands
ping ip or domain name #Used to check whether the network is unobstructed and the network delay
ping www.baidu.com #Test network connectivity to Baidu
ping /t www.baidu.com #Ping continuously until ctrl+c is pressed
ping /n 6 www.baidu.com #Specify the number of data packets to send
ping /l 65500 127.0.0.1 #Specify the size of the sent data packet, the maximum is 65500
ipconfig #View computer ip parameter configuration information, such as ip address, default gateway, subnet mask and other information
ipconfig /all #Display complete network information
ipconfig /displaydns #Display the contents of the local dns cache
ipconfig /flushdns #Clear local dns cache
ipconfig /release #Release the lease
ipconfig /renew #Reapply for ip address
netstat #Display network connection, routing table and network interface information
netstat -aon #Display all connected and listening ports, and display the address and port number in numeric form, and display the process number associated with each connection
tracert ip or domain name #Route tracking, used to determine the path taken by the ip data packet to access the target
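netstat -aon shows only the PID behind each socket. As an added example (not from the original page), this batch file joins it with tasklist, covered in the next section, to name the program that owns each listening TCP port and to mark sockets bound to loopback only. It assumes English-language command output.

```batch
@echo off
rem Added example, not part of the original page: join "netstat -aon" with
rem "tasklist" to show which program owns each listening TCP port.
rem Assumes English-language output (the LISTENING keyword and INFO: prefix).
setlocal enabledelayedexpansion
echo Scope      Local address      PID      Image
for /f "tokens=2,5" %%A in ('netstat -aon ^| findstr /c:"LISTENING"') do (
    rem %%A = local address:port, %%B = PID that owns the socket
    set "scope=network"
    echo %%A| findstr /b /c:"127." /c:"[::1]" >nul && set "scope=loopback"
    set "image=unknown"
    for /f "tokens=1 delims=," %%I in ('tasklist /fi "PID eq %%B" /fo csv /nh 2^>nul') do set "image=%%~I"
    rem tasklist prints an INFO: line instead of a CSV row when the PID has exited
    if "!image:~0,5!"=="INFO:" set "image=exited"
    echo !scope!   %%A   %%B   !image!
)
endlocal
```

Lines marked network are reachable from other machines unless a firewall rule blocks the port.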
4. System operation commands
tasklist #Display the currently running process information, you can view the pid
taskkill # end the specified process
taskkill /im cmd.exe #end the process named cmd.exe
taskkill /pid 2380 #End the process with pid 2380
taskkill /pid 2380 /f #Forcibly terminate the process with pid 2380
start #Start a program
shutdown # Shut down, restart, hibernate, log off the computer
shutdown /s #shut down the computer, the default is 1 minute later
shutdown /s /t 300 #Turn off the computer after five minutes
shutdown /s /t 300 /f #Forcibly shut down the computer after five minutes
shutdown /r /t 0 #Restart the computer immediately
shutdown /a #terminate system shutdown
reg #Operations on the registry
/v Name of the value to add under the selected key
/t Data type of the registry value
/d Data to assign to the added registry value
/f Do not prompt, forcibly overwrite existing registry entries
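The flags above belong to reg add. As an added example (not from the original page), this batch file reads a value with reg query and rewrites it with /v, /t, /d and /f only when it differs; EnableLUA is the Windows value that switches User Account Control on (1) or off (0), and the script must run from an administrator cmd.

```batch
@echo off
rem Added example, not part of the original page: audit a registry value with
rem "reg query" and correct it with "reg add" using /v, /t, /d and /f.
rem EnableLUA controls User Account Control (1 = on). Run from an elevated cmd.
setlocal
set "KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
set "CURRENT=missing"
rem reg query prints: <name> <type> <data>; the third token is the data
for /f "tokens=3" %%V in ('reg query "%KEY%" /v EnableLUA 2^>nul ^| findstr /c:"REG_DWORD"') do set "CURRENT=%%V"
echo EnableLUA is currently: %CURRENT%
if /i "%CURRENT%"=="0x1" (
    echo UAC is enabled, nothing to change.
) else (
    rem /t = data type, /d = data to write, /f = overwrite without prompting
    reg add "%KEY%" /v EnableLUA /t REG_DWORD /d 1 /f
    if errorlevel 1 (echo Write failed, is this prompt elevated?) else (echo EnableLUA set to 1, restart to apply.)
)
endlocal
```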
netsh advfirewall #Configure the firewall
netsh advfirewall set allprofiles state off #Turn off the firewall for all network profiles
netsh advfirewall set allprofiles state on #Turn on the firewall for all network profiles
netsh advfirewall firewall add rule name=tcp-in-8888 protocol=tcp localport=8888 dir=in action=allow #Add an inbound rule named tcp-in-8888: allow tcp port 8888
netsh advfirewall firewall add rule name=tcp-in-8888 protocol=tcp localport=8888 dir=in action=block #Add an inbound rule named tcp-in-8888: block tcp port 8888
netsh advfirewall firewall add rule name=tcp-out-8888 protocol=tcp localport=8888 dir=out action=allow #Add an outbound rule named tcp-out-8888: allow tcp port 8888
netsh advfirewall firewall add rule name=tcp-out-8888 protocol=tcp localport=8888 dir=out action=block #Add an outbound rule named tcp-out-8888: block tcp port 8888
netsh advfirewall firewall add rule name=允许ping protocol=icmpv4 dir=in action=allow #Add a rule to allow ping
netsh advfirewall firewall delete rule name=xxx #Delete the firewall rule named xxx; name=all deletes all rules
5. User and group management
The RID (the last field of the SID, the Windows counterpart of a UID) of the built-in Windows administrator account is 500
The RID of ordinary users starts from 1000
whoami /user #View the SID of the current user
wmic useraccount get name,sid #View the SID of all users
On Windows Server systems, a password is valid for up to 42 days by default
administrator #Administrator account
guest #Guest account
system #System account, with the highest privileges on the machine; the management account in the true sense
local service #Local service account, with slightly less authority than ordinary users; mainly runs some local services in the system, such as the audio service and the DHCP client service
network service #Network service account, with the same permissions as ordinary users; mainly runs some network-related services, such as the DNS client service
net user #View user list
net user username password #Change password
net user username password /add #Create a new user
net user username /del #Delete a user
net user username /active:yes #Activate account
net user username /active:no #Disable account
administrators #Administrators group
guests #Guest group
users #Ordinary user group, all newly created users belong to this group by default
network #Network configuration group
print #Printer group
Remote Desktop #Remote Desktop group
net localgroup #View group list
net localgroup groupname #View the members of this group
net localgroup groupname /add #Create a new group
net localgroup groupname username /add #Add a user to the group
net localgroup groupname username /del #Remove a user from the group
net localgroup groupname /del #Delete the group
6. View important information about your own machine
1. Getting the local firewall rules
netsh advfirewall firewall show rule name=all
netsh advfirewall firewall show rule name=all > d:\firewallrules.txt
Advanced Firewall-->Click
2. Checking outbound network connectivity
Ping any domain name and any live ip on the public network
ping www.baidu.com
ping 8.8.8.8 //Google's dns
If "timeout" or "general failure" is displayed, it may be blocked by the local firewall
Connect to an open port on your own vps (the telnet client is not enabled by default on win7, you need to enable it manually)
dism /online /enable-feature /featurename:TelnetClient //enable telnet
dism /online /disable-feature /featurename:TelnetClient //disable telnet
telnet <remote-ip> 3306
Get full disk file list
wmic logicaldisk where drivetype=3 get deviceid #Get logical disk drive letter
wmic logicaldisk where drivetype=2 get deviceid #Get the drive letter of removable disks
dir /s /a c:\ > logc.txt
dir /s /a d:\ > logd.txt
Quick method - incomplete list of installed programs
PowerShell or WMIC
powershell "Get-WmiObject -class Win32_Product | Select-Object -Property name"
wmic /NAMESPACE:"\\root\CIMV2" PATH Win32_Product get name /FORMAT:table
Complete method
Host the script on GitHub (raw.githubusercontent needs a hosts entry configured)
powershell IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/wangzehua123/windows/main/ListPrograms.ps1')
Or keep the script on the user's desktop
powershell IEX (New-Object Net.WebClient).DownloadString('C:\Users\admin\Desktop\test.ps1')
Or: powershell -exec bypass -f c:\users\public\Documents\test.ps1
test.ps1
# Print the DisplayName of every entry under an Uninstall registry key
Function ListPrograms
{
    param($RegPath)
    # Names of the subkeys, one per installed program
    $QueryPath = dir $RegPath -Name
    foreach($Name in $QueryPath)
    {
        (Get-ItemProperty -Path $RegPath$Name).DisplayName
        # (Get-ItemProperty -Path $RegPath$Name).Publisher
        # (Get-ItemProperty -Path $RegPath$Name).DisplayVersion
    }
}
# A pointer size of 8 bytes means a 64-bit PowerShell process
if ([IntPtr]::Size -eq 8)
{
    Write-Host "[*] OS: x64"
    Write-Host "[*] List the 64 bit programs that have been installed"
    $RegPath = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"
    ListPrograms -RegPath $RegPath
    # 32-bit programs on a 64-bit system are registered under Wow6432Node
    Write-Host "[+] List the 32 bit programs that have been installed"
    $RegPath = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\"
    ListPrograms -RegPath $RegPath
}
else
{
    Write-Host "[*] OS: x86"
    Write-Host "[*] List the 32 bit programs that have been installed"
    $RegPath = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"
    ListPrograms -RegPath $RegPath
}
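7. MySQL authorization from the Windows command line
use mysql; #Switch to the mysql system database
select user,host from user; #List the accounts and the hosts they may connect from
update user set host='%' where user='root'; #Let root connect from any host ('%')
grant all privileges on *.* to 'root'@'%' identified by '123456'; #Give root@'%' all privileges with password 123456 (GRANT ... IDENTIFIED BY is MySQL 5.x syntax, removed in MySQL 8.0)
flush privileges; #Reload the grant tables so the change takes effect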