Now the tutorials on doscommands are everywhere. The dos era has always passed, but we still need these commands. Today, I will also write some frequently-used necessary DOS commands.
I won't talk about the CD, CLS, and Dir. There are also more than N doscommands, and one command has more than N parameters. Today I will mainly talk about the common necessity ..
Note that "/?" can be added to almost all doscommands. This parameter is used to view help ....
Ping
This command is most commonly used to view the network connection status.
"Ping 127.1" is actually a ping
127.0.0.1 can be abbreviated as this because Windows has a mechanism to resolve 192.168.25 to 192.168.0.25. The value 0 of your IP address can be omitted. This is
Ping your own address. Ping to verify that your TCP/IP protocol is correctly installed.
Ping
Gateway. If it is an intranet, You need to ping the gateway to see if the network can be connected... By the way, the network in our dormitory cannot ping the gateway, but still can access the Internet, because the school network administrator sets the ICMP of the router to no response Ping count.
According to the packet protocol, he thought this would prevent me from network attacks, haha.
Ping DNS
If you can access QQ but cannot access the Internet, it may be because the DNS server is incorrect and the website cannot be resolved. Two common DNS servers in Xi'an: 221.11.1.67 and 61.134.1.4. By the way, if you can access QQ, you cannot access the Internet.
This may be due to incorrect iesettings or firewall anti-virus software settings.
Other Ping parameters-l
Size: the number of bytes sent. The maximum value is 65535. If you construct a data packet greater than 65535, the other party may crash.
-F indicates non-segmentation. If-F is added, one ping sends one data packet at a time and is not divided into multiple data packets for sending.
-T, which is very commonly used, is to ping it all the time...
-W means that if no response is received for a long time, it is deemed that ping is not successful.
Other Ping usage. You can ping a website address, domain name, and host name to view the IP address of the host. This is also very common.
Time can be used to view the network latency. If the network goes through the FireWire, it will be useful to see if you can ping cf.
If the CF server is large, it must be very difficult to play cf.
What else is the ping of death? I will not talk about it.
By the way, TTL is also useful. It is said that based on this, you can see the operating system of the other party. Sometimes you can see this after reading several vrouters.
Ipconfig
This command is used to view the NIC. You need to add the parameter/all "ipconfig/all" to display the details.
You can view network IP addresses, network card MAC addresses, gateways, and DSN servers.
ARP
I often use this command because of frequent ARP attacks and the flood of LAN ARP attacks. It is strongly recommended that LAN users enable the arpfirewall of 360.
ARP-
View ARP cache.
ARP-s 192.168.0.254 00-aa-00-62-c6-09
Bind the IP address and MAC address, which is often used to bind the MAC address of the gateway to prevent ARP attacks.
ARP-D is also frequently used to clear ARP cache.
Chkdsk
This is very common. If you find that your files cannot be deleted, the directories are too large, and so on. You must use this command to fix disk errors. The usage is followed by the drive letter. For example, chkdsk D:
CHKNTFS
Checks the drive letter of the NTFS file system.
Convert
The most common method is to convert a FAT32 file system to an NTFS file system. Convert disk D to NTFS file system "Convert D:
/Fs: NTFS"
Defrag
Command line tool. The shards need to be sorted out in two or three months to increase the speed.
Systeminfo
View system information. Operating system name, version, system start time, and installation time. System bit, total physical memory, available physical memory.
Net service commands
There are a lot of. Net commands. Here we will talk about the commands for operating the service. Net start service net stop service net pause net
Continue. Note that the service to be stopped must be enabled manually or automatically
Cannot be disabled. If it is disabled, how can it be enabled in the command line? This requires SC and service control commands. Wait for me to explain this command.
A very useful command. Net helpmsg
Show ERROR
Cause.
I often see some error codes, but I don't know what these codes mean. Enter net helpmsg and add the error code number.
Net send
This is a fun but useless command. Sends messages to the remote host. However, if the remote host wants to accept the information, the messenger service must be enabled. However, this service is usually disabled.
Netstat is a useful command.
Netstat
-A: view the port opened by the current computer. If the-O parameter is added, it is even more powerful. You can check which process enabled port .... But it is a little troublesome, that is, it shows the PID of the process,
Find the process based on the PID .. If you add a number next to the refresh interval.
Regsvr32
Regsvr32
This command is often used to register a. dll file in the registry. Memory overflow often occurs in the program. One solution circulating on the Internet is to enter "for % 1 in ".
(% WINDIR %/system32/*. dll) Do
Regsvr32.exe/s
% 1 "is actually a batch processing, that is, registering all DLL files under Windows/system32. I don't think this is a good way.
Shutdown
Shutdown command. The most useful is shutdown.
-A command. A few years ago, I often saw a system shutdown prompt that the system was about to shut down. Save the work and so on. Wait a few seconds and shut down. And that box
Is disabled. It was because of two famous viruses and shock waves. Destroys the key RPC service in windows and forces the system to shut down. At this time, you can enter shutdown.
-A command
Cancel shutdown. We can also use this command to shut down others' computers. However, if someone else can see who initiated the shutdown command, they may ask you to settle the bill, but I will tell you a command to show him how to shut down his computer. And
Shudown-A is useless.
Route
Command used to operate the route table. Route print
Print the route table. I will talk about the route table later. This has little to do with us.
Tracert
In fact, this is very useful for network management. Tracert www.baidu.com .. You can view the routers we need to go through on the Baidu website. In fact, this principle
It is very simple, according to the ICMP protocol, that is, Ping. We can manually Ping www.baidu.com and then add the parameter-I, that is, TTL increases from 1, with the route
. These are the basis of TCP/IP.
By the way, pathping is a very useful tool. It is a combination of tracer and Ping.
Tasklist
Displays the process list. Useful parameter,/m
You can view the DLL files loaded by each process,/m plus the DLL files, you can view the DLL files are used by those processes
Yes. The most useful is this, with/svc. There are many svchost.exe in the process. These are Service hosts. However, viruses may load themselves into SVCHOST.
Process name. I have three methods. One is to check whether the svchost process is in the System32 directory. If it is not in the directory, it is a virus. Second, if the user name of the process is not
System is a virus. However, viruses may obtain system permissions. The third is to enter the tasklist/svc command. Then, view the service corresponding to the process. If svchost
If the corresponding service is unavailable, it may be a virus.
Taskkill
This is the command used to kill processes on the command line./PID checks and kill processes based on the PID. You have to first check the PID of the process. Add the process name after/IM
Wildcard can be used. /F is very important, that is, to force terminate the process. This filter can be used.
There are many commands that can use this,/s computer/u
Domain/username/P password indicates the remote system. I just mentioned that if you want to disable the remote system
Machine, use shutdown for fear of being discovered. "Taskkill/s computer/u domain/username/P
Password/IM svchost.exe
/F "(This/F seems useless on the remote host ). Then, the host of the other party automatically shuts down for the remaining 30 seconds. The shutdown command was initiated by him. Then use shutdown-a to solve the problem.
Except for shutdown, none of his systems can be used. Because I forcibly shut down his svchost process, and the RPC process of the system's key process is here, why does the system require shutdown?
If the most critical service cannot run, the system will crash, so the system requires shutdown. In school, you can run a command to turn off all hosts.
SFC System File Check Program
This is very important. If you have been infected with viruses, such as robot dogs, the virus may replace the files protected in windows, such as DLL files.
The cache under SYSTEMROOT/system32/dllcache is also damaged, so install your system disk (not the ghost system), or use a virtual optical drive to install the ISO image file.
. To restore the system .. By the way, it's not whether the patch will be damaged. In addition, it is best to use the SP3 System for SP3.
RunAs
Run the program in another user zone. This is what I used when I last intruded into the Internet cafe database.
Some uncommon commands
Uncommon commands
Attrib
In dos, set file properties. Read-only, hide, and so on.
Assoc displays or modifies the file extension Association, which is useless in the command line.
At
In the past, we often used this command to identify IPC attacks. If you want to use the AT command to schedule a task, you need to start the Task Scheduler Service.
Bootcfg
This is not commonly used. It is used to set the boot. ini file of the boot system. The boot. ini file can be well studied. For example, to enter the security mode
A parameter is added to a string in the boot. ini file.
CMD
CMD actually has many parameters. Do you need to input CMD/under DOS /?
Cscript
The wsh in this command line is the Windows Script Host. Run *. js *. VB,
*. Wsh. And so on, but this is rarely used.
Path and set
Debug
You only need to know that Windows has this tool. In fact, this is useless. It belongs to msdos sub-system commands, and it is a obsolete thing.
Of course there are many other commands, so I won't talk about them here ....
The most important and powerful commands are as follows.
NSLookup displays information that can be used to diagnose the basic structure of the Domain Name System (DNS. In fact, this is a strange thing.
Ntsd I cannot find help.
Netsh command line script Utility
Reg operation registry. Use this to modify the registry. However, there are not many people who use this. They all use regedit and/s to silently import. Reg.
File.
SC Service Control enables Disabled Services, loads EXE into services, and so on.
WMIC Windows Management
Instrumentation command line (WMIC) Tool
The above should be complicated. If possible, I will simply write the above usage. Now there are enough of them. If you see this, I want to thank you for your patience .. I hope you can leave me a speech and give me some comments .. If you reprint, please indicate my qq378716196... If you have any bugs, you can point them out ..
By the way, Windows powershell
.. Microsoft launched this product in, which is the next-generation product of CMD. If it is XP, it must be patched before it can be used .. What is it based on the. NET platform? The operations are not text, but objects .. Net object, very attractive. I have studied several times and found that there are very few topics on the Internet, although he has been out in year 34. Windows
Server 2008 does not have this pre-installed, You need to manually install it (for security reasons), but windows
7 does not have this at all, and you need to install it on your own. Obviously, this powershell is developed for professional network administrators. In short, there are very few such things in China .. This is always the case in China, although it has been around for several years.
But only some personal opinions.