To become a computer master, you must master eight cmd commands.

Source: Internet
Author: User
Tags ftp commands net time remote ftp server net send nslookup strong password

To become a computer master, you must master eight cmd commands.

1. ping

It is a command used to check whether the network is smooth or the network connection speed. As an administrator or hacker living on the network, the ping command is the first DOS command that must be mastered. The principle used is as follows: each machine on the network has a unique IP address. When we send a packet to the target IP address, the other party will return a packet of the same size. Based on the returned packet, we can determine the existence of the target host, the operating system of the target host can be preliminarily determined. Next let's take a look at some of its common operations. Let's take a look at the help. In the DOS window, type: ping /? Press enter ,. . Here, we can only master some basic useful parameters (the same below ).

-T indicates that data packets are continuously sent to the target IP address until we force it to stop. Imagine that if you use M broadband access and the target IP address is a 56 K kitten, it will not take long for the target IP address to be dropped because it cannot bear so much data, an attack is implemented in this simple way.

-L defines the size of the sent data packet. The default value is 32 bytes. We can use it to define a maximum of 65500 bytes. It works better with the-t parameter described above.

-N indicates the number of data packets sent to the target IP address. The default value is 3. If the network speed is slow and three times is a waste of time, because our goal is to determine whether the target IP address exists.

Note: If the-t parameter and the-n parameter are used together, the ping command is based on the following parameters, such as "ping IP-t-n 3 ", although the-t parameter is used, the ping is not always done, but only three times. In addition, the ping command does not have to ping the IP address. You can also directly ping the host domain name to obtain the Host IP address.

The following is an example to illustrate the specific usage.

Here time = 2 indicates that the time taken from sending a data packet to receiving the returned data packet is 2 seconds. Here we can determine the network connection speed. From the returned value of TTL, You Can preliminarily judge the operating system of the host to be pinged. The reason for this is "preliminary judgment" is that this value can be modified. Here, TTL = 32 indicates that the operating system may be win98.

(TIPS: If TTL = 128, the target host may be Win2000; If TTL = 250, the target host may be Unix)

The ping command can be used to quickly locate LAN faults, quickly search for the fastest QQ server, and ping attacks to others ...... All of this depends on everyone.

Ii. nbtstat

This command uses NetBIOS on TCP/IP to display protocol statistics and current TCP/IP connection. With this command, you can obtain the NETBIOS information of the remote host, for example, the user name, the working group, and the MAC address of the NIC. Here we need to know several basic parameters.

-A uses this parameter. If you know the name of the remote host machine, you can obtain its NETBIOS information (the same below ).

-The parameter A can also obtain the NETBIOS information of the remote host, but you need to know its IP address.

-N: lists the NETBIOS information of the local machine.

When the IP address or machine name of the other party is obtained, you can use the nbtstat command to further obtain the information of the other party, which increases the insurance coefficient of our intrusion.

Iii. netstat

This is a command used to view the network status, which is easy to operate and powerful.

-A: view all open ports on the local machine to effectively detect and prevent Trojans, and know the services opened by the machine.

Here we can see that the local machine is open to FTP service, Telnet service, mail service, WEB Service, and so on. Usage: netstat-a IP address.

-R: lists the current route information and tells us the gateway, subnet mask, and other information of the local machine. Usage: netstat-r IP address. Iv. tracert

Trace route information. This command can be used to identify all the routes through which data is transmitted from the local machine to the target host. This is helpful for us to understand the network layout and structure. 5.

It indicates that the data is transmitted from the local machine to the machine without any intermediate transfer. It indicates that the two machines are in the same LAN. Usage: tracert IP.

V. net

This command is the most important one in network commands. You must thoroughly understand the usage of each of its sub-commands, because it is too powerful, this is the best intrusion tool that Microsoft provides for us. First, let's take a look at all the sub-commands it has, and type net /? Press enter 6.

Here, we will focus on several common subcommands for intrusion.

Net view

Use this command to view shared resources of the remote host. The command format is net view \ IP.

Net use

A shared resource of the remote host is projected as a local drive letter, which is easy to use on the graphic interface. The command format is net use x: \ IP \ sharename. In the preceding example, the shared IP address is hashed into a local Z disk. Set up an IPC $ connection with (net use \ IP \ IPC $ "password"/user: "name "),

After the IPC $ connection is established, you can upload the file: copy nc.exe \ \ admin.pdf, upload the nc.exe file in the local directory to the remote host, and use other doscommands to be introduced later to implement intrusion.

Net start

Use it to start services on the remote host. After you establish a connection with the remote host, what service does you want to use if it is not started? Use this command to start it. Usage: net start servername, 9. the telnet service is successfully started.

Net stop

What should I do if I find that a service on the remote host is out of the way after the intrusion? Use this command to stop and it will be OK. The usage is the same as that of net start.

Net user

View account-related information, including creating accounts, deleting accounts, viewing specific accounts, activating accounts, and disabling accounts. This is very beneficial to our intrusion, and most importantly, it provides a prerequisite for us to clone accounts. Type a net user without parameters to view all users, including disabled users. The following is a separate explanation.

1. net user abcd 1234/add: create an account with the username abcd and password 1234. The default account is a member of the user group.

2. net user abcd/del: Delete the user whose user name is abcd.

3. net user abcd/active: no. Disable the user whose user name is abcd.

4. net user abcd/active: yes. Activate the user whose user name is abcd.

5. net user abcd: view the situation of users whose user name is abcd.

Net localgroup

View all information related to the user group and perform related operations. Enter a net localgroup without parameters to list all current user groups. During the intrusion process, we generally use this account to escalate an account to an administrator account, so that we can use this account to control the entire remote host. Usage: net localgroup groupname username/add.

Now we have added the newly created user abcd to the administrator Group. At this time, the user abcd is already a super administrator. Haha, you can use the net user abcd to view his status, and figure 10. However, this is so obvious that the network management system can leak flaws when looking at the user situation. Therefore, this method can only deal with cainiao network management, but we still need to know. The current method is to use other tools and means to clone a super administrator that cannot be seen by the network administrator. If you are interested, refer to the article "from simple to deep resolution long account" in section 30th of "black line of defense.

Net time

This command can view the current time of the remote host. If your goal is to enter the remote host, you may not be able to use this command. But a simple intrusion is successful. Are you just looking at it? We need further penetration. Even the current time of the remote host needs to be known, because time and other means (which will be discussed later) can be used to implement timed startup of a command and program, laying a solid foundation for further intrusion. Usage: net time \ IP.


The purpose of this command is to execute a specific command and program on a specific date or time (Do you know the importance of net time ?). When we know the current time of the remote host, we can use this command to execute a program and command at a later time (such as two minutes later. Usage: at time command \ computer.

Enables the telnet service on the computer named a-01 at 06:55 (net start telnet is the command to enable the telnet service here ). 7. ftp

Are you familiar with this command? There are many ftp hosts open on the network, most of which are anonymous. That is to say, anyone can log in. Now, if you scan a host that opens the ftp service (usually a machine with port 21 enabled), what if you still don't use the ftp command? The following describes how to use basic ftp commands.

First, enter ftp in the command line and press enter to display the ftp prompt. At this time, you can type "help" to view help (any doscommand can use this method to view its help ).

You may have seen how to use so many commands? In fact, it is enough to master a few basics.

The first is the login process, which requires open. Enter "open Host IP ftp port" at the ftp prompt and press Enter. Generally, the default port is 21, which can be left empty. Then, enter a valid user name and password to log in. Here we will use anonymous ftp as an example.

The username and password are both ftp and are not displayed. When *** logged in is displayed, the logon is successful. The user is shown as Anonymous because the logon is Anonymous.

Next we will introduce how to use specific commands.

Like the doscommand, dir is used to view the files on the server. Press dir and press enter to view the files on the ftp server.

Cd to enter a folder.

Get to download the file to the local machine.

Put: upload files to the remote server. It depends on whether the remote ftp server has granted you the writeable permission. If yes, you can use it easily.

Delete deletes files on the remote ftp server. This must also ensure that you have the write permission.

Bye exits the current connection.

Same as quit.

8. telnet

Powerful remote login commands, which almost all intruders like to use, have tried and tested. Why? It is easy to operate, just like using your own machine. As long as you are familiar with the doscommand and have successfully connected to a remote machine as administrator, you can use it to do everything you want. The following describes how to use it. First, enter telnet and press enter, and then enter help to view the help information.

Enter the open IP address at the prompt and press Enter. the login window appears, asking you to enter a valid user name and password. No Password is displayed here.

After you enter the correct username and password, you have successfully established a telnet connection. At this time, you have the same permissions as this user on the remote host, you can use the doscommand to implement what you want. Here I use the super administrator permission to log on.

So far, the introduction of network doscommands has come to an end. The purpose of this article is to give cainiao network administrators an impression that they are familiar with and understand the importance of network doscommands. In fact, the network-related doscommands are far more than that. Here, we only hope to help cainiao network administrators. It is of great help to become a good network administrator to learn DOS well, and he is particularly familiar with the DOS commands of some networks.

In addition, it should be clear that anyone who wants to enter the system must have a valid user name and password (the Input Method Vulnerability is almost extinct), even if you only have a small account permission, you can also use it for the final purpose. Therefore, eliminating empty passwords and adding a strong password to your account is the best way to defend against weak password intrusion.

Finally, it is most important to cultivate a good security awareness.

========================================================== = Start → run → command collection winver --------- check Windows wmimgmt. msc ---- open windows management architecture (WMI) wupdmgr -------- windows Update Program wscript -------- windows Script Host settings write ---------- WordPad winmsd --------- system information wiaacmgr ------- scanner and camera wizard winchat -------- XP built-in LAN chat

Mem.exe -------- Display memory usage Msconfig.exe --- System Configuration Utility overview ------- simple widnows media player mspaint -------- graphic board mstsc ---------- Remote Desktop Connection mplayer2 ------- media player magnify -------- magnifier utility mmc ------------ open the console mobsync -------- synchronization command

Dxdiag --------- check directx information drwtsn32 ------ system doctor devmgmt. msc --- Device Manager dfrg. msc ------- diskmgmt. msc --- disk management utility dcomcnfg ------- open system component service ddeshare ------- open DDE Share settings dvdplay -------- dvd player

Net stop messenger ----- stop messenger Service net start messenger ---- start messenger Service notepad -------- open notepad nslookup ------- network management tool wizard ntbackup ------- System Backup and Restore narrator ------- screen "narrator" ntmsmgr. msc ---- mobile Storage Manager ntmsoprq. msc --- mobile storage administrator Operation Request netstat-an ---- (TC) command Check interface

Syncapp -------- create a briefcase sysedit -------- System Configuration editor sigverif ------- file signature verification program sndrec32 ------- recorder shrpubw -------- create shared folder secpol. msc ----- The Local Security Policy syskey --------- system encryption. Once encrypted, it cannot be unlocked. This protects windows XP system's dual password services. msc --- local service setup Sndvol32 ------- volume control program sfc.exe -------- System File Checker sfc/scannow --- windows File Protection

Tsshutdn ------- 60 seconds countdown shutdown command tourstart ------ xp introduction (roaming xp program displayed after installation) taskmgr -------- Task Manager

Eventvwr ------- Event Viewer eudcedit ------- Word Creation Program explorer ------- open the Resource Manager

Packager ------- object packaging program perfmon. msc ---- computer performance monitoring program progman -------- Program Manager

Regedit.exe ---- registry rsop. msc ------- group policy result set regedt32 ------- Registry Editor rononce-p ---- shut down regsvr32/u * in 15 seconds *. dll ---- stop the dll file and run regsvr32/u zipfldr. dll ------ cancel ZIP support

Cmd.exe -------- CMD command prompt chkdsk.exe ----- Chkdsk disk check certmgr. msc ---- Certificate Management Utility calc ----------- start calculator charmap -------- start character ing table cliconfg ------- SQL server Client Network utility Clipbrd -------- clipboard viewer conf ----------- Start netmeeting compmgmt. msc --- Computer Management cleanmgr ------- spam ciadv. msc ------ Indexing Service Program

Osk ------------ open the on-screen keyboard odbcad32 ------- ODBC data source Manager oobe/msobe/a ---- check if XP has activated lusrmgr. msc ---- local user and group logoff --------- logout command

Iexpress ------- Trojan bundle tool, which comes with the System

Nslookup ------- IP address Detector

Fsmgmt. msc ----- Shared Folder Manager

Utilman -------- auxiliary tool Manager

Gpedit. msc ----- Group Policy

What are the eight mandatory cmd commands?

CMD command
Net use ipipc $ ""/user: "" creates an empty IPC link.
Net use ipipc $ "password"/user: "user Name" Create an IPC non-empty Link
Net use h: ipc $ "password"/user: "user Name". After you log in directly, map the other party C: H:
Net use h: ipc $ after login ing to the other Party C: to the local is H:
Net use ipipc $/del Delete IPC Link
. Net use h:/del: Delete the H ing from the ing peer to the local host that is h:
Net user username and password/add create user
Net user guest/active: yes to activate the guest user
. Net user.
Net user account name view account attributes
Net localgroup administrators user name/add the "user" to the administrator so that it has administrator permissions. Note: add s to the administrator and use the plural
Net start to check which services are enabled
. Net start service name. (For example, net start telnet and net start schedule)
Net stop service name to stop a service
Net time target ip address view peer time
Net time target ip Address/set sets the time synchronization between the local computer time and the "target IP" host. The parameter/yes can be used to cancel the confirmation.
. Net view.
. Net view ip address.
Net config display system network settings
. Net logoff disconnection sharing
. Net pause service name: suspend a service
Net send ip "Text Information" sends information to the recipient
Network Connection type and information being used in the net ver LAN
. Net share
Net share ipc $ enable ipc $ share
Net share ipc $/del Delete ipc $ share
Net share c $/del Delete C: share
Net user guest 12345 after logging in with the guest user, change the password to 12345
Net password Change System Login password
Netstat-a is usually used to check which ports are enabled.
Netstat-n is commonly used to view the network connection of a port.
Netstat-v view ongoing work
Netstat-p protocol name example: netstat-p tcq/ip to view the usage of a protocol (view the usage of TCP/IP protocol)
Netstat-s: view all protocol usage in use
If an nbtstat-A ip address is enabled on one of the ports from 136 to 139, you can view the user name that the other party recently logged on to (the user name is before 03). Note: Parameter-A must be capitalized.
Tracert-parameter ip (or computer name) Tracking routing (packet), parameter: "-w number" is used to set the timeout interval.
Ping An ip address (or domain name) to send 32-byte data to the host. Parameter: "-l [space] data packet size"; "-n data transmission count "; "-t" indicates that the ping is always performed.
Ping-t-l 65550 ip address death ping (send more than 64 ...... remaining full text>

Common computer commands

I have
Doscommand. Doc
Doscommand details. Doc
For Windows, the commonly used network commands and commands are described in detail. Doc
Key-disk combination function .doc
Start and run command set jin.doc

It seems that all of them meet your requirements. If you want to, EMAIL them. I sent it to you, but remember to give me more points after receiving it. It was collected for a long time.

Sent, go to receive, add points after receiving.

Let's just drop it.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.