Complete List of MS-DOS Commands.

SPOTO summarize the most common network commands in this article to help you master it.

1, ping

It is a command to check if the network is fluent or the speed of the network connection. As an administrator or hacker living on the network, the ping command is the first DOS command that must be mastered. The principle it uses is this: the machines on the network have uniquely determined IP addresses, and we give the target The IP address sends a data packet, and the other party returns a data packet of the same size. According to the returned data packet, we can determine the existence of the target host, and can initially determine the operating system of the target host. Let's take a look at some of its common operations. First look at the help, type in the DOS window: ping /? Enter. The help screen shown. Here, we only have some basic and useful parameters (the same below).

-t means that the packet will be sent to the target IP without interruption until we force it to stop. Imagine if you use 100M broadband access and the target IP is a 56K kitten, then it will take a long time for the target IP to drop because it can't bear so much data. Oh, an attack is as simple as that.

-l Defines the size of the sent packet. The default is 32 bytes, which we can use to define up to 65500 bytes. Combined with the -t parameter described above, there will be better results.

-n Defines the number of times a packet is sent to the destination IP. The default is 3 times. If the network speed is slow, 3 times is a waste of time for us, because now our goal is only to determine whether the target IP exists, then define it as once.

Explain that if the -t parameter is used with the -n parameter, the ping command is based on the following parameters, such as "ping IP -t -n 3". Although the -t parameter is used, it is not always pinged. But only ping 3 times. In addition, the ping command does not have to ping the IP, you can also directly ping the host domain name, so you can get the host's IP.

Let's take an example to illustrate the specific usage.

Here time=2 means that the time taken from the time the packet is sent to the time the packet is received is 2 seconds, from which the speed of the network connection can be judged. The return value from the TTL can be used to initially determine the operating system of the pinged host. The reason for saying "preliminary judgment" is because this value can be modified. Here TTL=32 means the operating system may be win98.

(Small knowledge: If TTL=128, it means the target host might be Win2000; if TTL=250, the target host might be Unix)

As for the ping command, you can quickly find the LAN fault, you can quickly search for the fastest QQ server, you can ping other people... These are all played by yourself.

2, nbtstat

This command uses the NetBIOS display protocol statistics on TCP/IP and the current TCP/IP connection. With this command, you can get the NETBIOS information of the remote host, such as the user name, the working group to which it belongs, and the MAC address of the network card. Here we need to understand a few basic parameters.

-a Use this parameter, as long as you know the machine name of the remote host, you can get its NETBIOS information (the same below).

-A This parameter also gets the NETBIOS information of the remote host, but you need to know its IP.

-n Lists the NETBIOS information of the local machine.

When you get the IP or machine name of the other party, you can use the nbtstat command to get the other party's information further, which increases the insurance factor of our invasion.

3, netstat

This is a command to view the status of the network, which is easy to use and powerful.

-a View all open ports of the local machine, you can effectively find and prevent Trojans, you can know the information about the services opened by the machine, as shown in Figure 4.

Here you can see that the local machine is open with FTP service, Telnet service, mail service, WEB service, etc. Usage: netstat -a IP.

-r Lists the current routing information and tells us the local machine's gateway, subnet mask and other information. Usage: netstat -r IP.

4, tracert

Track routing information,

Use this command to find out all the ways that data is transferred from the local machine to the target host, which is helpful for us to understand the network layout and structure. As shown in Figure 5.

Here, the data is transferred from the local machine to the 192.168.0.1 machine, without any intermediate transfer, indicating that the two machines are in the same LAN. Usage: tracert IP.

5, net

This command is the most important one in the network command. It must thoroughly grasp the usage of each of its subcommands, because its function is too powerful, which is simply the best intrusion tool Microsoft provides us. First let's take a look at the subcommands that it has, type net /? Enter as shown in Figure 6.

Here, we focus on several subcommands that are commonly used for intrusions.

Net view

Use this command to view shared resources of remote hosts. The command format is net view \IP.

Net use

Map a shared resource of the remote host to a local drive letter, and the graphical interface is convenient to use, huh, huh. The command format is net use x: \IP\sharename. The above one indicates that the directory named 192.168.0.5IP with the shared name magic is mapped to the local Z disk. The following shows the IPC$ connection with 192.168.0.7 (net use \IP\IPC$ "password" /user:"name"),

After establishing the IPC$ connection, hehe, you can upload the file: copy nc.exe \192.168.0.7\admin$, which means that the nc.exe in the local directory is transferred to the remote host, combined with other DOS commands to be introduced later. It is possible to achieve an invasion.

Net start

Use it to start a service on a remote host. When you establish a connection with a remote host, what if you find that its services are not started and you want to take advantage of this service? Just use this command to start it. Usage: net start servername, as shown in Figure 9, successfully started the telnet service.

Net stop

After the invasion, I found that a certain service of the remote host is in the way. What should I do? Use this command to stop it, it is ok, the usage is the same as net start.

Net user

View information about your account, including creating new accounts, deleting accounts, viewing specific accounts, activating accounts, disabling accounts, and more. This is very beneficial for our invasion, and most importantly, it provides a prerequisite for us to clone the account. Type net user with no parameters to view all users, including those that have been disabled. Explain separately below.

1, net user abcd 1234 /add, create a new user name abcd, password is 1234 account, the default is the user group member.

2, net user abcd /del, delete the user whose name is abcd.

3, net user abcd /active: no, disable the user named abcd.

4, net user abcd /active:yes, activate the user whose name is abcd.

5, net user abcd, check the status of the user named abcd 

Net localgroup

View all information related to user groups and perform related operations. Type net localgroup with no parameters to list all current user groups. In the process of intrusion, we generally use it to promote an account to the administrator group account, so that we can use this account to control the entire remote host. Usage: net localgroup groupname username /add.

Now we add the newly created user abcd to the administrator group. At this time, the abcd user is already a super administrator. Oh, you can use net user abcd to check his status. Compare it with Figure 10. come out. But this is too obvious, the network management can see the user's situation can leak flaws, so this method can only deal with the rookie network management, but we still have to know. The current method is to use other tools and means to clone a super administrator that the network administrator can't see. This is a postscript. Interested friends can refer to the article "Analysis from Long to Deep" on the 30th issue of "Hacker Defense".

Net time

 This command can view the current time of the remote host. If your goal is only to enter the remote host, then you may not use this command. But the simple invasion is successful, is it just a look? We need further penetration. This requires even the current time of the remote host to be known, because the time and other means (described later) can be used to achieve the timing of a certain command and program, laying the foundation for further invasion. Usage: net time \IP.

6, at

The purpose of this command is to schedule a specific command and program to be executed on a specific date or time (Is it important to know the net time?). When we know the current time of the remote host, we can use this command to execute a program and command at a later time (such as 2 minutes). Usage: at time command \computer.

It means that at 6:55, let the computer with the name a-01 turn on the telnet service (here net start telnet is the command to open the telnet service).

7, ftp

Should everyone be familiar with this order? There are a lot of open ftp hosts on the network, and a large part of them are anonymous, which means that anyone can log in. Now if you scan to a host that has an open ftp service (usually a 21-port machine), what if you don't use the ftp command? The basic ftp command usage is given below.

First type ftp at the command line and the ftp prompt appears. At this time, type "help" to view the help (any DOS command can use this method to view its help).

You may have seen how to use so many commands? In fact, it is not used much, and mastering a few basic ones is enough.

The first is the login process, which is used to open, directly enter the "open host IP ftp port" at the ftp prompt, press Enter, the general port default is 21, you can not write. Then enter the legal username and password to log in. Here is an example of anonymous ftp.

The username and password are both ftp and the password is not displayed. When prompted **** logged in, it means the login is successful. Here is an anonymous login, so the user is shown as Anonymous.

Next, we will introduce the use of specific commands.

The dir is the same as the DOS command. It is used to view the server's files. Just type dir and press Enter to see the files on the ftp server.

Cd into a folder.

Get downloads the file to the local machine.

Put uploads files to a remote server. This depends on whether the remote ftp server gives you the right to write, if you can, huh, huh, how to use it, not much to say, everyone will free to play.

Delete Deletes the file on the remote ftp server. This must also ensure that you have write access.

Bye exits the current connection.

Quit Same as above.

Eight, telnet

Powerful remote login commands, almost all intruders like to use it, tried and tested. why? It's easy to use, just like using your own machine. As long as you are familiar with DOS commands, after successfully connecting to a remote machine as administrator, you can use it to do everything you want. Here's how to use it. First type telnet and press enter and type help to view its help information.

Then type open IP at the prompt, and the login window will appear, allowing you to enter a valid username and password. Any password entered here will not be displayed.

When the user name and password are entered correctly, the telnet connection is successfully established. At this time, you have the same permissions as the user on the remote host. You can use the DOS command to do what you want. Here I am using the super administrator privileges to log in.

So far, the introduction of the network DOS command has come to an end, the purpose of the introduction here is only to give the rookie network an impression, let it know the importance of familiar with and master the network DOS command. In fact, the DOS commands related to the network are far more than these. This is just a joke, and I hope to help the rookie network management. Learning DOS is very helpful for good network management, especially skilled in some network DOS commands.

In addition, everyone should be aware that anyone who wants to enter the system must have a valid username and password (the input method vulnerability is almost extinct), even if you only have a small permission to get the account, you can use it to Achieve the final purpose. Therefore, it is the best way to defend against weak password intrusion by firmly eliminating the empty password and adding a strong password to your account.

Finally, sincerely, it is most important to develop a good sense of security.

    Start → Run → Command Highlights

    Winver---------Check the Windows version

    Wmimgmt.msc----Open Windows Management Architecture (WMI)

    Wupdmgr--------windows updater

    Wscript--------windows script host settings

    Write----------Wordboard

    Winmsd---------System Information

    Wiaacmgr-------Scanner and Camera Wizard

    Winchat--------XP comes with LAN chat

    Mem.exe--------display memory usage

    Msconfig.exe---System Configuration Utility

    Mplayer2-------Simple widnows media player

    Mspaint--------painting board

    Mstsc----------Remote Desktop Connection

    Mplayer2-------media player

    Magnify-------- Magnifier utility

    Mmc------------ open the console

    Mobsync--------sync command

    Dxdiag---------Check DirectX information

    Drwtsn32------ system doctor

    Devmgmt.msc--- Device Manager

    Dfrg.msc-------Disk Defragmenter

    Diskmgmt.msc---disk management utility

    Dcomcnfg-------Open system component service

    Ddeshare-------Open DDE sharing settings

    Dvdplay--------DVD player

    Net stop messenger-----stop messenger service

    Net start messenger----start messenger service

    Notepad--------Open Notepad

    Nslookup-------Network Management Tool Wizard

    Ntbackup------- system backup and restore

    Narrator------- screen "narrative"

    Ntmsmgr.msc----Mobile Storage Manager

    Ntmsoprq.msc---Mobile Storage Administrator Operation Request

    Netstat -an----(TC) command check interface

    Syncapp--------Create a briefcase

    Sysedit--------system configuration editor

    Sigverif-------file signature verification program

    Sndrec32-------recorder

    Shrpubw--------Create a shared folder

    Secpol.msc-----local security policy

    Syskey--------- system encryption, once encrypted can not be unlocked, protect the double password of windows xp system

    Services.msc---local service settings

    Sndvol32-------Volume Control Program

    Sfc.exe--------System File Checker

    Sfc /scannow---windows file protection

    Tsshutdn-------60 seconds countdown shutdown command

    Introduction to tourstart------xp (roaming xp program that appears after installation is complete)

    Taskmgr--------task manager

    Eventvwr-------Event Viewer

    Eudcedit-------word making program

    Explorer-------Open the resource manager

    Packager-------object wrapper

    Perfmon.msc----computer performance monitoring program

    Progman--------Program Manager

    Regedit.exe----registry

    Rsop.msc-------Group Policy Result Set

    Regedt32-------Registry Editor

    Rononce -p ----15 seconds off

    Regsvr32 /u *.dll----stop dll file running

    Regsvr32 /u zipfldr.dll------Cancel ZIP support

    Cmd.exe--------CMD command prompt

    Chkdsk.exe-----Chkdsk disk check

    Certmgr.msc----Certificate Management Utility

    Calc----------- start calculator

    Charmap--------start character mapping table

    Cliconfg-------SQL SERVER client network utility

    Clipbrd--------Clipboard Viewer

    Conf----------- start netmeeting

    Compmgmt.msc---Computer Management

    Cleanmgr-------garbage

    Ciadv.msc------ indexing service program

    Osk------------Open the screen keyboard

    Odbcad32-------ODBC Data Source Manager

    Oobe/msoobe /a----Check if XP is activated

    Lusrmgr.msc----native users and groups

    Logoff---------logout command

    Iexpress------- Trojan bundle tool, the system comes with

    Nslookup-------IP address detector

    Fsmgmt.msc-----Shared Folder Manager

    Utilman--------Accessibility Manager

    Gpedit.msc-----group policy

要查看或添加评论,请登录

社区洞察

其他会员也浏览了