Windows Command Line: some useful tips

Yes, also Windows can be used by command line…

Today I propose a brief list of useful Windows CLI commands for daily use

Windows Registry

Adding Keys and Values

C:\>reg add [\\TargetIPaddr\][RegDomain]\[Key]

Add a key to the registry on machine [TargetIPaddr] within the registry domain [RegDomain] to location [Key].

If no remote machine is specified, the current machine is assumed.

Export and Import

C:\>reg export [RegDomain]\[Key] [FileName]

Export all subkeys and values located in the domain [RegDomain] under the location [Key] to the file [FileName]

C:\>reg import [FileName]

Import all registry entries from the file [FileName].

Import and export can only be done from or to the local machine.

Query for a specific Value of a Key

C:\>reg query [\\TargetIPaddr\][RegDomain]\[Key] /v [ValueName]

Query a key on machine [TargetIPaddr] within the registry domain [RegDomain] in location [Key] and get the specific value [ValueName] under that key.

Add /s to recurse all values.

WMIC

Fundamental grammar

C:\>wmic [alias] [where clause] [verb clause]

Useful [aliases]:

  • process
  • service
  • share
  • nicconfig
  • startup
  • useraccount
  • qfe (Quick Fix Engineering — shows patches)

Example [where clauses]:

  • where name=”nc.exe”
  • where (commandline like “%stuff”)
  • where (name=”cmd.exe” and parentprocessid!=”[pid]”)

Example [verb clauses]:

  • list [full|brief]
  • get [attrib1,attrib2…]
  • call [method]
  • delete

List all attributes of [alias]:

C:\> wmic [alias] get /?

List all callable methods of [alias]:

C:\>wmic [alias] call /?

Example
List all attributes of all running processes:

C:\>wmic process list full

Make WMIC effect remote[TargetIPaddr]:

C:\>wmic /node:[TargetIPaddr] /user:[User] /password:[Passwd] process list full

Processes and Services

List all processes currently running:

C:\>tasklist

List all processes currently running and the DLLs each has loaded:

C:\>tasklist /m

Lists all processes currently running which have the specified [dll] loaded:

C:\>tasklist /m [dll]

List all processes currently running and the services hosted in those processes:

C:\>tasklist /svc

Query brief status of all services:

C:\>sc query

Query the configuration of a specific service:

C:\>sc qc [ServiceName]

File Search and Counting Lines

Search directory structure for a file in a specific directory:

C:\>dir /b /s [Directory]\[FileName]

Count the number of lines on StandardOuy of [Command]:

C:\>[Command] | find /c /v “”

Finds the count (/c) of lines that do not contain (/v) nothing (“”).
Lines that do not have nothing are all lines, even blank lines, which contain CR/LF

Command line FOR loops

Counting Loop

C:\>for /L %i in([start],[step],[stop]) do [command]

Set %i to an initial value of [start] and increment it by [step] at every iteration until its value is equal to [stop].

For each iteration, run [command].

The iterator variable %i can be used anywhere in the command to represent its current value.

Iterate over file contents

C:\>for /F %i in ([file-set]) do[command]

Iterate through the contents of the file on a line-by-line basis.
For each iteration, store the contents of the line into %i and run [command].

Networking

Useful NETSTAT syntax

Show all TCP and UDP port usage and process ID:

C:\>netstat –nao

Look for usage of port [port] every [N] seconds:

C:\>netstat –nao [N] | find [port]

Dump detailed protocol statistics:

C:\>netstat –s –p [tcp|udp|ip|icmp]

Useful NETSH syntax

Turn off built-in Windows firewall:

C:\>netsh firewall set opmode disable

Configure interface “Local Area Connection” with [IPaddr] [Netmask] [DefaultGW]:

C:\>netsh interface ip set address local static [IPaddr] [Netmask] [DefaultGW] 1

Configure DNS server for “Local Area Connection”:

C:\>netsh interface ip set dns local static [IPaddr]

Configure interface to use DHCP:

C:\>netsh interface ip set address local dhcp

References

Windows Command Line: some useful tips was originally published in So Long, and Thanks for All the Fish on Medium, where people are continuing the conversation by highlighting and responding to this story.

Article Link: https://andreafortuna.org/windows-command-line-some-useful-tips-8f3d425ef23c?source=rss----bf18ac17f001---4