System Directory
windows: system files are on the inside, there are some applications system32 file, which has a config inside the SAM file, account information storage system, which locked file can not be opened, he would want to see into the PE mode, the system did not load he can read
programData: stored procedures run temporary files, hidden files
Enter the command box can open services.msc service
Port: the role of the port is to distinguish the service
port from 1-65535 have one
from 1-1024 is a pre-reserved port, occupied by some services, set up after the 8000 general port
Web 80
the FTP 21 (20 can be considered)
the DNS 53
the DHCP 67, 68
the TFTP 69
HTTPS 443
smb 445
MySQL 3306
sqlserver 1433
the Oracle 1521
the Telnet 23
SSH 22
the SMTP 25
pop3 110
Tomcat 8080
RDP 3389 (remote Desktop)
Registry
cmd Run regedit, open five root keys, each role is different, not the same local control
The registry is a central database windows system, which store a variety of parameters, the direct control of the loading windows startup, as well as some hardware drivers to run windows applications, which plays a central role in the whole system, these effects including the relevant hardware and software configuration and status information, such as the registry is stored in the initial conditions of the application and Explorer shell, the extension and set up various licenses preferences and unloading a database, the entire system of networked computers, file associated application, system status information describing the hardware components, and state properties, and other properties of the underlying records, and other data.
Mscconfig run in, in the start, the definition of the thing with the computer starts to run after run, manufacturer unknown, probably Trojans
netstat -O computer as long as a boot, a connection to a remote IP, you might in a horse
Common DOS command
color change color cmd
ipconfig / all view details
/ release to release IP
/ Renew reacquire
systeminfo acquisition system details
arp -a arp cache table to get the current host which IP
host name of the net view LAN
shutdown -s -t 180 - c "the Hello"
the shutdown cancel shutdown -a
behind msg plus hackers username "Hello hacker" will pop on his screen
dir to view the current directory
Start www.baidu.com
of the type and linux in the cat as
ren original file name new name
list folder tree tree structure
disk mapping net use K: \ 192.168.3.100 \ C $ to enter a user name and password can be successfully maps the IP-C correspond to a local disk, the firewall intercepts the command
net start telnet to open a services
net stop telnet shut down service
net user to see what the current computer user
net user xiao 123 / add to add users xiao
net localgroup of the administrators xiao / xiao the Add this belongs to the administrators group
net localgroup to see what the local group (remote Desktep users remote Desktop user group)
net user guest / active: yes enable the guest account
net user guest 123123 set the guest account password
NET localgroup of the Administrators the Guest / the Add
tasklist view the process
taskkill kill the process
netsh wlan the SET hostednetwork the MODE = the allow ssid = CC Key = 123
netsh wlan Start hostednetwork
AT 22 : 8 shutdown -s -t 180 create a scheduled task
The batch file is composed of file dos commands
written in the command batch file will be executed one by one
suffix .bat
