HACK LIKE A PRO
Windows CMD Remote Commands for the Aspiring Hacker, Part 1
BY OCCUPYTHEWEB 10/22/2015 7:54 PM
Welcome back, my greenhorn hackers!
Many new hackers come from a Windows background, but seldom, if ever, use its built-in command-line tools. As a hacker, you will often be forced to control the target system using just Windows commands and no GUI.
Although we would love to get Metasploit's Meterpreter on the target and use all its capabilities on the owned system, that is not always possible. Some exploits will only allow us to get a CMD shell on the target Windows system.
In these cases, you will need to understand how to control the system strictly through the command prompt, without ever having the convenience and familiarity of the Windows GUI.
What I want to do in this tutorial is demonstrate some Windows commands on a Windows 7 system (Windows 7 is still over 50% of the installed base of Windows systems), but these commands change very little from Windows version to Windows version. I will be running the Windows commands on the target from a remote Kali system.
Step 1
Connect to a Remote Windows System from Kali
Windows makes a distinction between commands that can be run while physically on the system and those that can be run remotely. We can't assume that a command we can run while on the system will run remotely.
Here, we are only interested in those that can be run remotely. In my case, I will be connecting to the target system with a Netcat connection, but a Metasploit-spawned command shell or any other remote shell will work just as well.
Step 2
Basic Commands
In many ways, Windows CMD commands are similar to Linux/Unix commands (Unix preceded these commands by over a decade, and Microsoft borrowed heavily from it). At its most basic, we need to change directories within the file system. Like Linux, Windows uses the cd (change directory) command. To travel to the root of the directory system, we can just type:
cd \
In addition, we can move up one level in the directory structure by typing:
cd ..
If we want to see the contents of a directory, we type dir as seen above. Some other key and basic commands include:
del <filename>
This will delete the file, similar to the Linux rm.
type <filename>
This will display the contents of the file, similar to the Linux cat.
As you can see below, I used type to display the contents of confidentialfile.txt. I then used del to delete confidentialfile.txt, and when I tried to display its contents again, I got the message that "The system cannot find the specified file."
To create a new directory, we use the md (make directory) command (in Linux, it's mkdir). To create a directory named "newdirectory," we type:
md newdirectory
After making newdirectory, we can now run dir and see the new directory that we created.
Step 3
Network Commands
When we are on the remote system, we may need networking information. To get it, we have two basic commands, ipconfig and netstat. Ipconfig is very similar to the Linux ifconfig, as seen below.
To view the network connections of the system, we can type netstat, just like in Linux.
netstat
Step 4
View Processes
Often, when we are on a remote system, we will need to see a listing of the running processes. From the GUI, of course, we can use the Task Manager (Ctrl + Alt + Del), but from the command prompt, we use tasklist.
tasklist
If we want to find a single process, we could use the filter findstr (find string). This works similarly to grep in Linux. So, to find the process named "explorer," we could type:
tasklist | findstr explorer
Note that we used the pipe (|), just like in Linux, to send the results from the tasklist command to the filtering command, findstr.
If I want to kill a process, I can use the taskkill command. It requires the PID of the process we want to kill. In this case, the explorer process has a PID of 1532, so to kill it, I can type:
taskkill /PID 1532 /F
Where the /F means to force the kill.
Step 5
Find the User Accounts
If we want to see the users on the target system, we can type:
net users
As you can see, this system has three users: guest, administrator, and the aptly named victim.
Step 6
Run a Browser on the Target
While operating the system from the command prompt, we can execute some applications, such as the web browser. Internet Explorer is named iexplore on the command prompt, and we can find it under either "Program Files" (the 64-bit version) or "Program Files (x86)" (the 32-bit version). So, if I want to open Internet Explorer on the remote system from the command prompt and have it open wonderhowto.com, I would type:
iexplore www.wonderhowto.com
When we do, this opens Internet Explorer on the target system and goes to wonderhowto.com, as you can see below.
This might be really useful if you had a malicious XSS link set up and needed the target to go to a web server. Furthermore, we might just want the target system to go to our web server on Kali. We could start the Apache web server and then direct the target system to our web server where we may have some malicious software.
We can type:
iexplore <IP address>
As you can see below, we have directed the target system to our web server on Kali.
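Every command in Steps 3 through 5 starts a new process under the shell's cmd.exe, and process-creation logging records each one. The following Python is an added example, not part of the original article: it flags any cmd.exe that launches several of those tools within a short window. The sample records are constructed, use Sysmon Event ID 1 field names with timestamps cut to whole seconds, and the five-minute window and three-tool threshold are assumptions to tune.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ntpath import basename  # parses Windows paths on any host OS

# Tools the article launches from the remote shell in Steps 3 to 5.
DISCOVERY = {"ipconfig.exe", "netstat.exe", "tasklist.exe", "net.exe", "taskkill.exe"}

# Constructed sample records; field names follow Sysmon Event ID 1, times cut to seconds.
FIELDS = ("UtcTime", "ParentProcessId", "ParentImage", "Image", "CommandLine")
SYS = "C:\\Windows\\System32\\"
ROWS = [
    ("2024-01-15 19:40:01", 2204, SYS + "cmd.exe", SYS + "ipconfig.exe", "ipconfig"),
    ("2024-01-15 19:40:20", 2204, SYS + "cmd.exe", SYS + "netstat.exe", "netstat"),
    ("2024-01-15 19:41:05", 2204, SYS + "cmd.exe", SYS + "tasklist.exe", "tasklist"),
    ("2024-01-15 19:41:05", 2204, SYS + "cmd.exe", SYS + "findstr.exe", "findstr explorer"),
    ("2024-01-15 19:42:10", 2204, SYS + "cmd.exe", SYS + "net.exe", "net users"),
    ("2024-01-15 19:43:00", 2204, SYS + "cmd.exe", SYS + "taskkill.exe", "taskkill /PID 1532 /F"),
    # An administrator's shell: two tools, hours apart, should not alert.
    ("2024-01-15 09:00:00", 3100, SYS + "cmd.exe", SYS + "ipconfig.exe", "ipconfig /all"),
    ("2024-01-15 13:30:00", 3100, SYS + "cmd.exe", SYS + "tasklist.exe", "tasklist"),
    # Not started from cmd.exe, so outside this rule's scope.
    ("2024-01-15 19:40:30", 4012, "C:\\Windows\\explorer.exe", SYS + "netstat.exe", "netstat"),
]
EVENTS = [dict(zip(FIELDS, row)) for row in ROWS]

def find_bursts(events, window=timedelta(minutes=5), min_tools=3):
    """Return {parent_pid: sorted tool names} for each cmd.exe that started
    at least min_tools distinct discovery tools inside one time window."""
    by_shell = defaultdict(list)
    for ev in events:
        tool = basename(ev["Image"]).lower()
        if basename(ev["ParentImage"]).lower() != "cmd.exe" or tool not in DISCOVERY:
            continue
        if tool == "net.exe" and "user" not in ev["CommandLine"].lower():
            continue  # for net.exe, count only account enumeration
        when = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S")
        by_shell[ev["ParentProcessId"]].append((when, tool))
    alerts = {}
    for pid, hits in by_shell.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            tools = {t for when, t in hits[i:] if when - start <= window}
            if len(tools) >= min_tools:
                alerts[pid] = sorted(tools)
                break
    return alerts

if __name__ == "__main__":
    print(find_bursts(EVENTS))
```

These fields exist only where process-creation logging with command lines is turned on, for example through Sysmon.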
Keep coming back, my greenhorn hackers, as we develop the most valuable skill set in the 21st century—hacking!
13 Comments
PHOENIX750
1 YEAR AGO
Great idea for a series. I myself am not familiar with the Windows command line, so this series will be useful for me. Thanks.
-Phoenix750
JEREMIAH PAYNE
1 YEAR AGO
Same. I need to know this stuff better also.
2535324
1 YEAR AGO
This is awesome! Can't wait to see more
TANG XIAO
1 YEAR AGO
To remove a directory, we can use rmdir. And with PowerShell, we can use tab just like in our familiar bash. If some program is not in the path env, we can't use it. So, you use iexplore in its install path.
TRIPHAT
1 YEAR AGO - EDITED 1 YEAR AGO
more tipz: if you just type from any location
explorer http://www.google.it
it will open the browser anyway. Just don't forget the http:// or it won't work.