Commands: Difference between revisions

← Older edit
No edit summary
 
(81 intermediate revisions by 6 users not shown)
Line 1: Line 1:
The ipconfig command is a command-line utility used to display and manage the IP address assigned to a machine. It provides information about the current TCP/IP network configuration, including the IP address, subnet mask, and default gateway for all adapters . In Windows, typing ipconfig without any parameters displays the computer's currently assigned IP, subnet mask, and default gateway addresses. Additional parameters can be used to perform various actions, such as releasing and renewing IP addresses, flushing the DNS cache, and displaying DNS information.
This page includes both cmd and powershell commands, realistically, all of them should run from powershell anyway.


= IP Configuration (ipconfig) =


The ipconfig command is a command-line utility used to display and manage the IP address assigned to a machine.


<code>ipconfig</code>
== ipconfig [CMD] ==
 
ipconfig
Displays the basic TCP/IP configuration for all adapters.
Displays the basic TCP/IP configuration for all adapters.


 
== ipconfig /all [CMD] ==
<code>ipconfig /all</code>
ipconfig /all
 
Displays the full TCP/IP configuration for all adapters.
Displays the full TCP/IP configuration for all adapters.


 
== ipconfig /release [CMD] ==
<code>ipconfig /release</code>
ipconfig /release
 
Releases the IP address assigned to the computer.
Releases the IP address assigned to the computer.


 
== ipconfig /renew [CMD] ==
<code>ipconfig /renew</code>
ipconfig /renew
 
Renews the IP address assigned to the computer.
Renews the IP address assigned to the computer.


 
== ipconfig /flushdns [CMD] ==
<code>ipconfig /flushdns</code>
ipconfig /flushdns
 
Purges the DNS resolver cache.
Purges the DNS resolver cache.


== ipconfig /registerdns [CMD] ==
ipconfig /registerdns
Refreshes DHCP leases and re-registers DNS names.


<code>ipconfig /registerdns</code>
== ipconfig /displaydns [CMD] ==
 
ipconfig /displaydns
Refreshes all DHCP leases and re-registers DNS names.
Displays DNS cache contents.
 
 
<code>ipconfig /displaydns</code>
 
Displays the contents of the DNS cache.
 
 
<code>ipconfig /showclassid</code>
 
Displays the DHCP class ID for network adapters.
 
 
<code>ipconfig /setclassid</code>
 
Sets the DHCP class ID for network adapters.
 
 
<code>ipconfig /allcompartments</code>
 
Displays the full TCP/IP configuration for all adapters, including all compartments.
 
 
<code>ipconfig /release6</code>
 
Releases the IPv6 address assigned to the computer.


== ipconfig (IPv6 & advanced) [CMD] ==
ipconfig /allcompartments
ipconfig /release6
ipconfig /renew6
ipconfig /showclassid
ipconfig /setclassid
ipconfig /showclassid6
ipconfig /setclassid6
ipconfig /flushdns6


<code>ipconfig /renew6</code>
= Windows Repair (USE THIS IF WINDOWS IS ACTING UP) =


Renews the IPv6 address assigned to the computer.
== DISM RestoreHealth [CMD] ==
DISM /Online /Cleanup-Image /RestoreHealth


== SFC Scan (run after DISM) [CMD] ==
SFC /scannow


<code>ipconfig /showclassid6</code>
== SFC Scan (after reboot) [CMD] ==
SFC /scannow


Displays the IPv6 DHCP class ID for network adapters.
= Reset Internet Settings (Fixes a surprisingly large amount of problems with ms office) [CMD] =
RunDll32.exe InetCpl.cpl,ResetIEtoDefaults


= Network Drive Management =


<code>ipconfig /setclassid6</code>
== List Mapped Drives [CMD] ==
net use


Sets the IPv6 DHCP class ID for network adapters.
== Remove Mapping [CMD] ==
net use <drive letter>: /delete


== Recreate Mapping [CMD] ==
net use <drive letter>: \\server\share /persistent:yes


<code>ipconfig /flushdns6</code>
== Delete All Mappings [CMD] ==
net use * /delete


Purges the IPv6 DNS resolver cache.
== Persistently Map Drive [CMD] ==
net use /persistent:yes h: \\VBoxSvr\Win11\Documents


= User Management =


== Create Local User [CMD] ==
net user "user.name" password /add


<hr>
== Add to Administrators [CMD] ==
net localgroup administrators "user.name" /add


== Remove from Administrators [CMD] ==
net localgroup administrators "user.name" /delete


USE THIS IS WINDOWS IF ACTING UP HELLA WEIRD
== Delete User [CMD] ==
net user "user.name" /delete


== Disable Built-in Accounts [CMD] ==
net user "Administrator" /active:no
net user "Guest" /active:no


The <code>DISM /Online /Cleanup-Image /RestoreHealth</code> command is used to scan for corruption in the Windows image and repair any issues found. DISM stands for Deployment Image Servicing and Management, and it is a command-line tool used to service and prepare Windows images for deployment, recovery, and setup.
= Power & System =


When you run the <code>DISM /Online /Cleanup-Image /RestoreHealth</code> command, it performs the following tasks:
== Disable Hibernation [CMD] ==
powercfg.exe /Hibernate off


Scans the Windows image for corruption and identifies any issues.
== Compact OS [CMD] ==
Verifies the integrity of the system file backups in the Component Store by comparing them against known good copies from the Windows Update servers.
Compact.exe /CompactOS:always
Attempts to repair any corruption found in the Windows image by replacing the corrupted files with the known good copies.


It's important to note that running this command requires administrative privileges, and it may take some time to complete, depending on the system and the extent of the corruption.
== Rename Computer [PowerShell] ==
Rename-Computer -NewName "YourNewHostname"


= Sessions =


-open cmd in admin
== List Sessions [CMD] ==
query session


<code>DISM /Online /Cleanup-Image /RestoreHealth</code>
== Logoff Session [CMD] ==
logoff {number}


= Windows Fixes =


-after running DISM, run this right after, if errors are found, it will fix it, reboot pc
== Fix Windows 11 Right Click [CMD] ==
reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve


<code>SFC /scannow</code>
== Make Edge Alt Key not focus settings  [CMD] ==
reg add HKLM\SOFTWARE\Policies\Microsoft\Edge /v ConfigureKeyboardShortcuts /d {"disabled":["focus_settings_and_more"]}


== Disable Widgets [CMD] ==
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0


-after reboot, run CMD as admin and run again
== Fix Windows Update Missing [CMD] ==
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /f


<code>SFC /scannow</code>
== Disable Telemetry (May auto-undo itself on non-enterprise windows versions) [CMD] ==
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection /v AllowTelemetry /t REG_DWORD /d 0 /f


= Active Directory =


== Check Password Expiry [PowerShell] ==
Get-ADUser -identity INSERTclientUSERNAMEHERE -properties PasswordLastSet, PasswordExpired, PasswordNeverExpires | ft Name, PasswordLastSet, PasswordExpired, PasswordNeverExpires


== Force AD Sync [PowerShell] ==
start-adsyncsynccycle -policytype delta


== Join Domain [PowerShell] ==
add-computer -domainname "YourDomainName" -restart


<hr>
= Apps & Installation =


-Let's not forget the G.O.A.T., Use in Run to reset internet settings especially if you are having connecting MS app online or if Sonicwall Netextender breaks the connection
== Install New Teams [PowerShell] ==
Add-ProvisionedAppPackage -Online -PackagePath "MSTeams-x64.msix" -SkipLicense


<code>RunDll32.exe InetCpl.cpl,ResetIEtoDefaults</code>
== Install OpenSSH [PowerShell] ==
<hr>
Add-WindowsCapability -Online -Name OpenSSH.Server
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'


== Install RSAT [PowerShell] ==
Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online


== Install Vim (System Wide) [PowerShell] ==
mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe C:\windows\system32\vim.exe


Create a Local user with CMD and make it into Admin, IF The username has a period in between please use the quotations.
== Install Vim (User Only) [PowerShell] ==
mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe $env:LOCALAPPDATA\Microsoft\WindowsApps\vim.exe


== Install Git [PowerShell] ==
winget install --id Git.Git -e --source winget --scope user


<code>net user "user.name" password /add</code>
= Services =


== List Services [PowerShell] ==
Get-Service


then
== Set Auto Start [PowerShell] ==
Set-Service -Name {servicename} -StartupType Automatic


<code>net localgroup administrators "user.name" /add</code>
== Manage Service [PowerShell] ==
Start-Service {servicename}
Stop-Service {servicename}
Restart-Service {servicename}


= Networking (Advanced) =


If you need to remove Admin creds
== Remove Default Gateway [PowerShell] ==
Remove-NetRoute -InterfaceAlias "{get this name from Get-NetAdapter}" -DestinationPrefix 0.0.0.0/0


<code>net localgroup administrators "user.name" /delete</code>
== Set IP Address [PowerShell] ==
Get-NetAdapter -Name '{get this name from Get-NetAdapter}' | New-NetIPAddress -IPAddress {newIP} -PrefixLength {cidr}


== Allow Ping [CMD] ==
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow


if you need to delete the local account
== Show WiFi Passwords [CMD] ==
for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @if "%j" NEQ "" (echo SSID: %j & netsh wlan show profiles %j key=clear | findstr "Key Content")


<code>net user "user.name" /delete</code>
== Disable WiFi Scanning [CMD] ==
netsh wlan set autoconfig enabled=no interface="Wi-Fi"


== Enable WiFi Scanning [CMD] ==
netsh wlan set autoconfig enabled=yes interface="Wi-Fi"


Disable builtin Administrator and Guest accounts:
= Storage & Files =


<code>net user "Administrator" /active:no</code>
== Resize VHD [PowerShell] ==
resize-vhd -path "f:\Shares\profiledisks" -Sizebytes 30GB


<code>net user "Guest" /active:no</code>
== Robocopy Migration [CMD] ==
robocopy "C:\users\awesome.guy" "D:\users\awesome.guy" /E /COPYALL /zb /r:10 /w:10 /tee /unilog+:"D:\robocopylog.txt"


= DNS & Group Policy =


<hr>
== Add DNS Suffix [PowerShell] ==
Set-DnsClientGlobalSetting -SuffixSearchList @("corp.mariocorp.com")


Disable hibernation file to resolve issues with shutdown and free up some disk space.
== Force GP Update [CMD] ==
gpupdate.exe /force


<code>powercfg.exe /Hibernate off</code>
= Misc =


== Firefox Profile Manager [CMD] ==
"C:\Program Files\Mozilla Firefox\firefox.exe" --ProfileManager


<hr>
== Ping with Timestamp [PowerShell] ==
Log off someone from a desktop session
ping google.com -t | % { "$(Get-Date -Format 'yyyy-MM-dd HH:mm:ss') $_" }


== Open a Command Prompt as SYSTEM ==


List all sessions:  
=== PSExec Method (Requires installing PSExec) [PowerShell] ===
The oneliner below installs psexec for you and uses it to open the SYSTEM cmd. Needs an elevated powershell prompt.
Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "$env:TEMP\PSTools.zip"; Expand-Archive "$env:TEMP\PSTools.zip" -DestinationPath "$env:TEMP\PSTools" -Force; & "$env:TEMP\PSTools\PsExec64.exe" -accepteula -i -s -d cmd.exe /k "title NT AUTHORITY\SYSTEM - whoami && whoami"


<code>query session</code>
If it has been run before, you can open the prompt with just:
;& "$env:TEMP\PSTools\PsExec64.exe" -i -s -d cmd.exe


Logoff the corresponding session:
=== UAC Method (May trip antivirus but does not require external tools) ===
This method uses the UAC secure desktop (via On-Screen Keyboard trick) to launch cmd.exe as '''NT AUTHORITY\SYSTEM''' without third-party tools.


<code>logoff {number}</code>
==== Setup (run once as Administrator) ====
<pre>
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /v Debugger /t REG_SZ /d "cmd.exe" /f
</pre>


==== Trigger SYSTEM cmd ====
# Open any program '''as Administrator''' so the UAC prompt appears.
# While the UAC dialog is visible (dark background), press '''Win + U''' to open Ease of Access Center.
# Click '''On-Screen Keyboard'''.
# A Command Prompt running as '''SYSTEM''' should appear on the secure desktop.


<hr>
==== Cleanup (run as Administrator when done) ====
Fix right click on Windows 11, doesn't need admin:
<pre>
reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /f
</pre>


<code>reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve</code>
'''Note:''' This works because the secure desktop runs with SYSTEM privileges. The cmd window will appear only while the UAC prompt is active.

Latest revision as of 21:23, 2 April 2026

This page includes both cmd and powershell commands, realistically, all of them should run from powershell anyway.

IP Configuration (ipconfig)[edit]

The ipconfig command is a command-line utility used to display and manage the IP address assigned to a machine.

ipconfig [CMD][edit]

ipconfig

Displays the basic TCP/IP configuration for all adapters.

ipconfig /all [CMD][edit]

ipconfig /all

Displays the full TCP/IP configuration for all adapters.

ipconfig /release [CMD][edit]

ipconfig /release

Releases the IP address assigned to the computer.

ipconfig /renew [CMD][edit]

ipconfig /renew

Renews the IP address assigned to the computer.

ipconfig /flushdns [CMD][edit]

ipconfig /flushdns

Purges the DNS resolver cache.

ipconfig /registerdns [CMD][edit]

ipconfig /registerdns

Refreshes DHCP leases and re-registers DNS names.

ipconfig /displaydns [CMD][edit]

ipconfig /displaydns

Displays DNS cache contents.

ipconfig (IPv6 & advanced) [CMD][edit]

ipconfig /allcompartments
ipconfig /release6
ipconfig /renew6
ipconfig /showclassid
ipconfig /setclassid
ipconfig /showclassid6
ipconfig /setclassid6
ipconfig /flushdns6

Windows Repair (USE THIS IF WINDOWS IS ACTING UP)[edit]

DISM RestoreHealth [CMD][edit]

DISM /Online /Cleanup-Image /RestoreHealth

SFC Scan (run after DISM) [CMD][edit]

SFC /scannow

SFC Scan (after reboot) [CMD][edit]

SFC /scannow

Reset Internet Settings (Fixes a surprisingly large amount of problems with ms office) [CMD][edit]

RunDll32.exe InetCpl.cpl,ResetIEtoDefaults

Network Drive Management[edit]

List Mapped Drives [CMD][edit]

net use

Remove Mapping [CMD][edit]

net use <drive letter>: /delete

Recreate Mapping [CMD][edit]

net use <drive letter>: \\server\share /persistent:yes

Delete All Mappings [CMD][edit]

net use * /delete

Persistently Map Drive [CMD][edit]

net use /persistent:yes h: \\VBoxSvr\Win11\Documents

User Management[edit]

Create Local User [CMD][edit]

net user "user.name" password /add

Add to Administrators [CMD][edit]

net localgroup administrators "user.name" /add

Remove from Administrators [CMD][edit]

net localgroup administrators "user.name" /delete

Delete User [CMD][edit]

net user "user.name" /delete

Disable Built-in Accounts [CMD][edit]

net user "Administrator" /active:no
net user "Guest" /active:no

Power & System[edit]

Disable Hibernation [CMD][edit]

powercfg.exe /Hibernate off

Compact OS [CMD][edit]

Compact.exe /CompactOS:always

Rename Computer [PowerShell][edit]

Rename-Computer -NewName "YourNewHostname"

Sessions[edit]

List Sessions [CMD][edit]

query session

Logoff Session [CMD][edit]

logoff {number}

Windows Fixes[edit]

Fix Windows 11 Right Click [CMD][edit]

reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve

Make Edge Alt Key not focus settings [CMD][edit]

reg add HKLM\SOFTWARE\Policies\Microsoft\Edge /v ConfigureKeyboardShortcuts /d {"disabled":["focus_settings_and_more"]}

Disable Widgets [CMD][edit]

reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0

Fix Windows Update Missing [CMD][edit]

reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /f

Disable Telemetry (May auto-undo itself on non-enterprise windows versions) [CMD][edit]

reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection /v AllowTelemetry /t REG_DWORD /d 0 /f

Active Directory[edit]

Check Password Expiry [PowerShell][edit]

Get-ADUser -identity INSERTclientUSERNAMEHERE -properties PasswordLastSet, PasswordExpired, PasswordNeverExpires | ft Name, PasswordLastSet, PasswordExpired, PasswordNeverExpires

Force AD Sync [PowerShell][edit]

start-adsyncsynccycle -policytype delta

Join Domain [PowerShell][edit]

add-computer -domainname "YourDomainName" -restart

Apps & Installation[edit]

Install New Teams [PowerShell][edit]

Add-ProvisionedAppPackage -Online -PackagePath "MSTeams-x64.msix" -SkipLicense

Install OpenSSH [PowerShell][edit]

Add-WindowsCapability -Online -Name OpenSSH.Server
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'

Install RSAT [PowerShell][edit]

Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online

Install Vim (System Wide) [PowerShell][edit]

mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe C:\windows\system32\vim.exe

Install Vim (User Only) [PowerShell][edit]

mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe $env:LOCALAPPDATA\Microsoft\WindowsApps\vim.exe

Install Git [PowerShell][edit]

winget install --id Git.Git -e --source winget --scope user

Services[edit]

List Services [PowerShell][edit]

Get-Service

Set Auto Start [PowerShell][edit]

Set-Service -Name {servicename} -StartupType Automatic

Manage Service [PowerShell][edit]

Start-Service {servicename}
Stop-Service {servicename}
Restart-Service {servicename}

Networking (Advanced)[edit]

Remove Default Gateway [PowerShell][edit]

Remove-NetRoute -InterfaceAlias "{get this name from Get-NetAdapter}" -DestinationPrefix 0.0.0.0/0

Set IP Address [PowerShell][edit]

Get-NetAdapter -Name '{get this name from Get-NetAdapter}' | New-NetIPAddress -IPAddress {newIP} -PrefixLength {cidr}

Allow Ping [CMD][edit]

netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow

Show WiFi Passwords [CMD][edit]

for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @if "%j" NEQ "" (echo SSID: %j & netsh wlan show profiles %j key=clear | findstr "Key Content")

Disable WiFi Scanning [CMD][edit]

netsh wlan set autoconfig enabled=no interface="Wi-Fi"

Enable WiFi Scanning [CMD][edit]

netsh wlan set autoconfig enabled=yes interface="Wi-Fi"

Storage & Files[edit]

Resize VHD [PowerShell][edit]

resize-vhd -path "f:\Shares\profiledisks" -Sizebytes 30GB

Robocopy Migration [CMD][edit]

robocopy "C:\users\awesome.guy" "D:\users\awesome.guy" /E /COPYALL /zb /r:10 /w:10 /tee /unilog+:"D:\robocopylog.txt"

DNS & Group Policy[edit]

Add DNS Suffix [PowerShell][edit]

Set-DnsClientGlobalSetting -SuffixSearchList @("corp.mariocorp.com")

Force GP Update [CMD][edit]

gpupdate.exe /force

Misc[edit]

Firefox Profile Manager [CMD][edit]

"C:\Program Files\Mozilla Firefox\firefox.exe" --ProfileManager

Ping with Timestamp [PowerShell][edit]

ping google.com -t | % { "$(Get-Date -Format 'yyyy-MM-dd HH:mm:ss') $_" }

Open a Command Prompt as SYSTEM[edit]

PSExec Method (Requires installing PSExec) [PowerShell][edit]

The oneliner below installs psexec for you and uses it to open the SYSTEM cmd. Needs an elevated powershell prompt. 

Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "$env:TEMP\PSTools.zip"; Expand-Archive "$env:TEMP\PSTools.zip" -DestinationPath "$env:TEMP\PSTools" -Force; & "$env:TEMP\PSTools\PsExec64.exe" -accepteula -i -s -d cmd.exe /k "title NT AUTHORITY\SYSTEM - whoami && whoami"

If it has been run before, you can open the prompt with just: 

;& "$env:TEMP\PSTools\PsExec64.exe" -i -s -d cmd.exe

UAC Method (May trip antivirus but does not require external tools)[edit]

This method uses the UAC secure desktop (via On-Screen Keyboard trick) to launch cmd.exe as NT AUTHORITY\SYSTEM without third-party tools.

Setup (run once as Administrator)[edit]

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /v Debugger /t REG_SZ /d "cmd.exe" /f

Trigger SYSTEM cmd[edit]

  1. Open any program as Administrator so the UAC prompt appears.
  2. While the UAC dialog is visible (dark background), press Win + U to open Ease of Access Center.
  3. Click On-Screen Keyboard.
  4. A Command Prompt running as SYSTEM should appear on the secure desktop.

Cleanup (run as Administrator when done)[edit]

reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /f

Note: This works because the secure desktop runs with SYSTEM privileges. The cmd window will appear only while the UAC prompt is active.

Retrieved from "https://readonlywiki.luccapirovano.com/index.php?title=Commands&oldid=1201"