Wednesday 1 September 2021

TOP 20 UNTIMATE WINDOWS CMD COMMANDS

Subscribe to " FACEITNET " Youtube channel for more interesting videos 

The Microsoft Windows command prompt is a great feature and core the Windows operating system. There are some CMD commands that are very useful and easy to use by standard users see the Windows information.

Lets see few of the commands 

1) Ping : 

Verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol (ICMP) echo Request messages. The receipt of corresponding echo Reply messages are displayed, along with round-trip times. 

ping with successful response


ping /a 192.168.20.11



2) TRACERT: Trace Route

This diagnostic tool determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) echo Request or ICMPv6 messages to the destination with incrementally increasing time to live (TTL) field values. Each router along the path is required to decrement the TTL in an IP packet by at least 1 before forwarding it.   

Tracert google.com

                      
Prevent the resolution of each IP address to its name

3) tskill:

Ends a process running in a session on a Remote Desktop Session Host server.



4) ipconfig /all:

Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.



5) gpupdate : 

Updates Group Policy settings.

gpupdate /force

gpupdate /force

gpresult /R



6) ipconfig /flushdns

To flush the DNS resolver cache when troubleshooting DNS name resolution problems, type.



7) nslookup:

Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. 



8) FC:

Compares two files or sets of files and displays the differences between them.



9) NETSTAT: Network Statistics

Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). 


netstat -e -s




10) SHUTDOWN: Turn Off Computer

11) SYSTEMINFO: System Information

Displays detailed configuration information about a computer and its operating system, including operating system configuration, security information, product ID, and hardware properties (such as RAM, disk space, and network cards).



12) Taskkill

Ends one or more tasks or processes. Processes can be ended by process ID or image name.

13) Chkdsk

14) cls

15) Hostname

Displays the host name portion of the full computer name of the computer.



16) getmac

Returns the media access control (MAC) address and list of network protocols associated with each address for all network cards in each computer, either locally or across a network.



17) arp:

Displays and modifies entries in the Address Resolution Protocol (ARP) cache. The ARP cache contains one or more tables that are used to store IP addresses and their resolved Ethernet or Token Ring physical addresses

To display the arp cache table for the interface that is assigned the IP address 192.168.20.15,


 arp /a


18) Mkdir

19) quser:

Displays information about user sessions on a Remote Desktop Session Host server. 



20) net user 

Adds or modifies user accounts, or displays user account information

Net User is a command line tool that allows system administrators to manage user accounts on Windows PCs


net user Saththiyan



The following example adds a user account for a user whose full name is Sathi Satchi and whose user account name isSathi, with logon rights from 8 A.M. to 5 P.M., Monday through Friday (no spaces in time designations), a mandatory password (Cyk4^g3B), and the user's full name

net user Sathi Cyk4^g3B /add /passwordreq:yes /times:monday-friday,8am-5pm /fullname:"Sathi Satchi"




at No comments:

Tuesday 31 August 2021

Useful Forensic information in Apple MAC

 If you are a MAC user and looking to see some great information visit the following locations to find more information 


  • To see the History of installed Application cat /Library/Receipts/InstallHistory.plist

  • User Password  ~/Library/Keychains

  • List of Historically connected Wifi Access points  /Library/Preferences/SystemConfiguration/com.apple.airport.preferences

  • Current and historical Bluetooth devices : ~/Library/Preferences/com.apple.BluetoothAudioAgent.plist

  • Recently opened files,appliations and savers ~/Library/Preferences/com.apple.recentitems.plist

at No comments:

Friday 27 August 2021

Setup HoneyPot on windows 10 using KFSensor?

Subscribe to " FACEITNET " Youtube channel for more interesting videos 


at No comments:

Thursday 26 August 2021

How to create free Microsoft 365 subscription for testings?

Subscribe to " FACEITNET " Youtube channel for more interesting videos 


at No comments:

how to clone a disk for disk Forensic using MMLS ,Hexdump, DD tools?

Subscribe to " FACEITNET " Youtube channel for more interesting videos 


at No comments:

Tuesday 24 August 2021

Attach new Hard Disk to Debian Virtual Machine in VMware Workstation Pro

Subscribe to " FACEITNET " Youtube channel for more interesting videos 

There are situations where you need to add 2nd Hard Disk to your virtual Machine. In windows its  quite an easy process. Click Here to see how to do this in windows. But Linux/ Debian you have to use some commands in terminal to archive this. 

This step by step document shows you how to add 2nd Disk on Debian OS. 

First Create a new virtual disk and attack to VM. to do this you need to shutdown the VM and add new virtual hard Disk. 






Once finished, you have created and attached the new virtual disk to your virtual machine you must logically configure it before it is ready for use

Power on the VM and go to terminal and confirm the disk is attached 


now you must format the disk with a filesystem, i am  going to use the fourth extended filesystem (ext4)

1) sudo mkfs.ext4 /dev/sdb


Now we have to mount this to the system, Create a new directory within /mnt using the following command:

2) sudo mkdir /mnt/external

configure it to mount automatically, this is done via fstab.

First, backup the fstab file 

3) sudo cp /etc/fstab /etc/fstab.bak 

Now edit the file  to the fstab file using the following sed command:

4) sudo sed -i -e '$a/dev/sdb\t/mnt/external\text4\tdefaults\t0\t0' /etc/fstab

now mount the disk 

5) sudo mount /mnt/external

Now you can create the directory under the disk 

6) sudo mkdir /mnt/external/analyst

change the user and group ownership of the directory to the analyst 

7) sudo chown analyst:analyst /mnt/external/analyst

 create a symbolic link, located on the analyst user’s desktop

8)  ln -s /mnt/external/analyst/ ~/Desktop/external



at No comments:

How to Share a File from Windows host to Dabian Guest in VMware Workstation Pro?

Subscribe to " FACEITNET " Youtube channel for more interesting videos 

If you are wondering how can i share a file or Folder from your windows host operating system to a Debian Guest operation system then follow the steps below. 

Go to your windows system and create a folder you wish to share with Guest OS. 


Then go to VMware setting and click on the option tab on the top, 

Now go to shared folder and enable the Folder Sharing. 

Then click on the add button and provide the path of the folder you would like to share with 


Click next and finish the file sharing. Now you would see something like below. 
 

Go to the Debian Terminal and use the following command to check the file is been shared

in the sudo 

cd /mnt/hgfs and enter

now type ls to list the files. 


you can create a symbolic link to your desktop and access the files too 

in the terminal run the following command 

 ln -s /mnt/hgfs/forensics ~/Desktop/myData



Now you can see the shared folder in the Debian. 
 








at No comments:
Subscribe to: Posts (Atom)

Http vs Https