Commands: Difference between revisions
| (7 intermediate revisions by the same user not shown) | |||
| Line 43: | Line 43: | ||
ipconfig /flushdns6 | ipconfig /flushdns6 | ||
= Windows Repair (USE THIS IF WINDOWS IS ACTING UP | = Windows Repair (USE THIS IF WINDOWS IS ACTING UP) = | ||
== DISM RestoreHealth [CMD] == | == DISM RestoreHealth [CMD] == | ||
| Line 54: | Line 54: | ||
SFC /scannow | SFC /scannow | ||
= Reset Internet Settings ( | = Reset Internet Settings (Fixes a surprisingly large amount of problems with ms office) [CMD] = | ||
RunDll32.exe InetCpl.cpl,ResetIEtoDefaults | RunDll32.exe InetCpl.cpl,ResetIEtoDefaults | ||
| Line 116: | Line 116: | ||
reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve | reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve | ||
== | == Make Edge Alt Key not focus settings [CMD] == | ||
reg add HKLM\SOFTWARE\Policies\Microsoft\Edge /v ConfigureKeyboardShortcuts /d {"disabled":["focus_settings_and_more"]} | reg add HKLM\SOFTWARE\Policies\Microsoft\Edge /v ConfigureKeyboardShortcuts /d {"disabled":["focus_settings_and_more"]} | ||
| Line 221: | Line 221: | ||
=== PSExec Method (Requires installing PSExec) [PowerShell] === | === PSExec Method (Requires installing PSExec) [PowerShell] === | ||
The oneliner below installs psexec for you. Needs elevated powershell prompt. | The oneliner below installs psexec for you and uses it to open the SYSTEM cmd. Needs an elevated powershell prompt. | ||
Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "$env:TEMP\PSTools.zip"; Expand-Archive "$env:TEMP\PSTools.zip" -DestinationPath "$env:TEMP\PSTools" -Force; & "$env:TEMP\PSTools\PsExec64.exe" -i -s -d cmd.exe /k "title NT AUTHORITY\SYSTEM - whoami && whoami" | Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "$env:TEMP\PSTools.zip"; Expand-Archive "$env:TEMP\PSTools.zip" -DestinationPath "$env:TEMP\PSTools" -Force; & "$env:TEMP\PSTools\PsExec64.exe" -accepteula -i -s -d cmd.exe /k "title NT AUTHORITY\SYSTEM - whoami && whoami" | ||
If it has been run before, you can open the prompt with just: | |||
;& "$env:TEMP\PSTools\PsExec64.exe" -i -s -d cmd.exe | |||
=== UAC Method (May trip antivirus but does not require external tools) === | === UAC Method (May trip antivirus but does not require external tools) === | ||
Latest revision as of 21:23, 2 April 2026
This page includes both cmd and powershell commands, realistically, all of them should run from powershell anyway.
IP Configuration (ipconfig)[edit]
The ipconfig command is a command-line utility used to display and manage the IP address assigned to a machine.
ipconfig [CMD][edit]
ipconfig
Displays the basic TCP/IP configuration for all adapters.
ipconfig /all [CMD][edit]
ipconfig /all
Displays the full TCP/IP configuration for all adapters.
ipconfig /release [CMD][edit]
ipconfig /release
Releases the IP address assigned to the computer.
ipconfig /renew [CMD][edit]
ipconfig /renew
Renews the IP address assigned to the computer.
ipconfig /flushdns [CMD][edit]
ipconfig /flushdns
Purges the DNS resolver cache.
ipconfig /registerdns [CMD][edit]
ipconfig /registerdns
Refreshes DHCP leases and re-registers DNS names.
ipconfig /displaydns [CMD][edit]
ipconfig /displaydns
Displays DNS cache contents.
ipconfig (IPv6 & advanced) [CMD][edit]
ipconfig /allcompartments ipconfig /release6 ipconfig /renew6 ipconfig /showclassid ipconfig /setclassid ipconfig /showclassid6 ipconfig /setclassid6 ipconfig /flushdns6
Windows Repair (USE THIS IF WINDOWS IS ACTING UP)[edit]
DISM RestoreHealth [CMD][edit]
DISM /Online /Cleanup-Image /RestoreHealth
SFC Scan (run after DISM) [CMD][edit]
SFC /scannow
SFC Scan (after reboot) [CMD][edit]
SFC /scannow
Reset Internet Settings (Fixes a surprisingly large amount of problems with ms office) [CMD][edit]
RunDll32.exe InetCpl.cpl,ResetIEtoDefaults
Network Drive Management[edit]
List Mapped Drives [CMD][edit]
net use
Remove Mapping [CMD][edit]
net use <drive letter>: /delete
Recreate Mapping [CMD][edit]
net use <drive letter>: \\server\share /persistent:yes
Delete All Mappings [CMD][edit]
net use * /delete
Persistently Map Drive [CMD][edit]
net use /persistent:yes h: \\VBoxSvr\Win11\Documents
User Management[edit]
Create Local User [CMD][edit]
net user "user.name" password /add
Add to Administrators [CMD][edit]
net localgroup administrators "user.name" /add
Remove from Administrators [CMD][edit]
net localgroup administrators "user.name" /delete
Delete User [CMD][edit]
net user "user.name" /delete
Disable Built-in Accounts [CMD][edit]
net user "Administrator" /active:no net user "Guest" /active:no
Power & System[edit]
Disable Hibernation [CMD][edit]
powercfg.exe /Hibernate off
Compact OS [CMD][edit]
Compact.exe /CompactOS:always
Rename Computer [PowerShell][edit]
Rename-Computer -NewName "YourNewHostname"
Sessions[edit]
List Sessions [CMD][edit]
query session
Logoff Session [CMD][edit]
logoff {number}
Windows Fixes[edit]
Fix Windows 11 Right Click [CMD][edit]
reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve
Make Edge Alt Key not focus settings [CMD][edit]
reg add HKLM\SOFTWARE\Policies\Microsoft\Edge /v ConfigureKeyboardShortcuts /d {"disabled":["focus_settings_and_more"]}
Disable Widgets [CMD][edit]
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v TaskbarDa /t REG_DWORD /d 0
Fix Windows Update Missing [CMD][edit]
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /f
Disable Telemetry (May auto-undo itself on non-enterprise windows versions) [CMD][edit]
reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection /v AllowTelemetry /t REG_DWORD /d 0 /f
Active Directory[edit]
Check Password Expiry [PowerShell][edit]
Get-ADUser -identity INSERTclientUSERNAMEHERE -properties PasswordLastSet, PasswordExpired, PasswordNeverExpires | ft Name, PasswordLastSet, PasswordExpired, PasswordNeverExpires
Force AD Sync [PowerShell][edit]
start-adsyncsynccycle -policytype delta
Join Domain [PowerShell][edit]
add-computer -domainname "YourDomainName" -restart
Apps & Installation[edit]
Install New Teams [PowerShell][edit]
Add-ProvisionedAppPackage -Online -PackagePath "MSTeams-x64.msix" -SkipLicense
Install OpenSSH [PowerShell][edit]
Add-WindowsCapability -Online -Name OpenSSH.Server Start-Service sshd Set-Service -Name sshd -StartupType 'Automatic'
Install RSAT [PowerShell][edit]
Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online
Install Vim (System Wide) [PowerShell][edit]
mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe C:\windows\system32\vim.exe
Install Vim (User Only) [PowerShell][edit]
mkdir vim-install; cd vim-install; $ProgressPreference = 'SilentlyContinue'; Invoke-Webrequest -UseBasicParsing https://github.com/vim/vim-win32-installer/releases/download/v9.1.0/gvim_9.1.0_x86_signed.zip -o gvim.zip; Expand-Archive -Path gvim.zip -DestinationPath .; cp .\vim\vim91\vim.exe $env:LOCALAPPDATA\Microsoft\WindowsApps\vim.exe
Install Git [PowerShell][edit]
winget install --id Git.Git -e --source winget --scope user
Services[edit]
List Services [PowerShell][edit]
Get-Service
Set Auto Start [PowerShell][edit]
Set-Service -Name {servicename} -StartupType Automatic
Manage Service [PowerShell][edit]
Start-Service {servicename}
Stop-Service {servicename}
Restart-Service {servicename}
Networking (Advanced)[edit]
Remove Default Gateway [PowerShell][edit]
Remove-NetRoute -InterfaceAlias "{get this name from Get-NetAdapter}" -DestinationPrefix 0.0.0.0/0
Set IP Address [PowerShell][edit]
Get-NetAdapter -Name '{get this name from Get-NetAdapter}' | New-NetIPAddress -IPAddress {newIP} -PrefixLength {cidr}
Allow Ping [CMD][edit]
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow
Show WiFi Passwords [CMD][edit]
for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @if "%j" NEQ "" (echo SSID: %j & netsh wlan show profiles %j key=clear | findstr "Key Content")
Disable WiFi Scanning [CMD][edit]
netsh wlan set autoconfig enabled=no interface="Wi-Fi"
Enable WiFi Scanning [CMD][edit]
netsh wlan set autoconfig enabled=yes interface="Wi-Fi"
Storage & Files[edit]
Resize VHD [PowerShell][edit]
resize-vhd -path "f:\Shares\profiledisks" -Sizebytes 30GB
Robocopy Migration [CMD][edit]
robocopy "C:\users\awesome.guy" "D:\users\awesome.guy" /E /COPYALL /zb /r:10 /w:10 /tee /unilog+:"D:\robocopylog.txt"
DNS & Group Policy[edit]
Add DNS Suffix [PowerShell][edit]
Set-DnsClientGlobalSetting -SuffixSearchList @("corp.mariocorp.com")
Force GP Update [CMD][edit]
gpupdate.exe /force
Misc[edit]
Firefox Profile Manager [CMD][edit]
"C:\Program Files\Mozilla Firefox\firefox.exe" --ProfileManager
Ping with Timestamp [PowerShell][edit]
ping google.com -t | % { "$(Get-Date -Format 'yyyy-MM-dd HH:mm:ss') $_" }
Open a Command Prompt as SYSTEM[edit]
PSExec Method (Requires installing PSExec) [PowerShell][edit]
The oneliner below installs psexec for you and uses it to open the SYSTEM cmd. Needs an elevated powershell prompt.
Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "$env:TEMP\PSTools.zip"; Expand-Archive "$env:TEMP\PSTools.zip" -DestinationPath "$env:TEMP\PSTools" -Force; & "$env:TEMP\PSTools\PsExec64.exe" -accepteula -i -s -d cmd.exe /k "title NT AUTHORITY\SYSTEM - whoami && whoami"
If it has been run before, you can open the prompt with just:
;& "$env:TEMP\PSTools\PsExec64.exe" -i -s -d cmd.exe
UAC Method (May trip antivirus but does not require external tools)[edit]
This method uses the UAC secure desktop (via On-Screen Keyboard trick) to launch cmd.exe as NT AUTHORITY\SYSTEM without third-party tools.
Setup (run once as Administrator)[edit]
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /v Debugger /t REG_SZ /d "cmd.exe" /f
Trigger SYSTEM cmd[edit]
- Open any program as Administrator so the UAC prompt appears.
- While the UAC dialog is visible (dark background), press Win + U to open Ease of Access Center.
- Click On-Screen Keyboard.
- A Command Prompt running as SYSTEM should appear on the secure desktop.
Cleanup (run as Administrator when done)[edit]
reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\osk.exe" /f
Note: This works because the secure desktop runs with SYSTEM privileges. The cmd window will appear only while the UAC prompt is active.