Best cmd commands used in hacking – guide for newbies
Like you all know, Command Prompt is one of the most powerful tools on a Windows PC. You can do almost anything on your Windows PC from this tool. Here we make a list of the best CMD commands used in hacking.
If you wanna be a hacker, learn these commands carefully.
In case you don't know some of them, just type the command in CMD and hit Enter. A short help text will show up on your screen. Read it to understand what that particular command does.
Let’s start easy…
1. ping : This command lets you know whether the host you are pinging is alive, i.e. whether it is up at the time you execute the "ping" command.
ping x.x.x.x (x.x.x.x is the IP address). You can try pinging 22.214.171.124, which belongs to Google.
ping www.google.com (www.google.com is the website you want to ping when you don't know its IP)
2. nslookup : This command has many functions. One is resolving a DNS name into an IP. Let's say you know the website URL but not its IP, and you want to find it out.
Eg. nslookup www.google.com (www.google.com is the website whose IP you want to find)
Now, another really nice function of nslookup is finding the IP of a specific mail server. Start nslookup in interactive mode, switch the query type to MX records, then enter the domain:
nslookup (enter)
set type=mx (enter)
yahoo.com (enter)
This gives you the mail server IP of yahoo.com. You can use whatever domain you want; if it is listed in DNS, you get the IP. Simple, isn't it? You can send a spoofed email to your friends using the IP address of the mail server. You can check the tutorial here for sending spoofed email.
3. tracert : This command shows you the hops a packet travels through to reach its final destination. It is really helpful when you want to know the route a packet takes before it reaches the target box.
tracert x.x.x.x (x.x.x.x is the IP address)
tracert www.google.com (www.google.com is the website whose IP you don't know)
4. arp : This command (arp -a) shows you the ARP table. You can use it to find out whether anyone has carried out ARP poisoning on your LAN: look for a MAC address that appears behind more than one IP, or a gateway whose MAC has changed.
5. route : This command will show you the routing table, gateway, interface and metric.
6. ipconfig : This command shows you a lot of useful things like your IP, gateway, the DNS servers in use, etc. It gives all that info for every network adapter you have.
Also, in case you have a dynamic IP and want to change it, type...
ipconfig /release (this will release your IP)
ipconfig /renew (this will renew your IP)
7. netstat : This command shows you connection stats.
netstat -a (this will show you all the listening ports and connections, with DNS names)
netstat -n (this will show you all the open connections, with IP addresses)
netstat -an (this combines both of the above)
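As an added example (not from the original post), this Python script parses `netstat -an` output and turns it into a quick review of what the host is listening on and who it is talking to, flagging any listening port that is not on a known-good allow-list. The sample output and the allow-list are constructed.

```python
import re

# Constructed sample of `netstat -an` output from a Windows host (not real data).
SAMPLE_NETSTAT_OUTPUT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:2222           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.9:443        ESTABLISHED
  TCP    192.168.1.20:49800     198.51.100.7:8080      ESTABLISHED
  UDP    0.0.0.0:123            *:*
"""

# Proto, local addr:port, foreign addr:port, optional state (UDP rows have none).
ROW_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\S+)(?:\s+(\S+))?\s*$")

def parse_netstat(text):
    """Return one dict per connection row in `netstat -an` output."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            proto, lip, lport, fip, fport, state = m.groups()
            rows.append({"proto": proto, "local_ip": lip, "local_port": int(lport),
                         "remote_ip": fip, "remote_port": fport, "state": state or ""})
    return rows

def listening_tcp_ports(rows):
    """Sorted TCP ports the host is listening on."""
    return sorted(r["local_port"] for r in rows
                  if r["proto"] == "TCP" and r["state"] == "LISTENING")

def unexpected_listeners(rows, allowed_ports):
    """Listening ports not on an allow-list built from a known-good baseline."""
    return [p for p in listening_tcp_ports(rows) if p not in allowed_ports]

def established_peers(rows):
    """Sorted (remote_ip, remote_port) pairs with an ESTABLISHED connection."""
    return sorted({(r["remote_ip"], int(r["remote_port"]))
                   for r in rows if r["state"] == "ESTABLISHED"})

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT_OUTPUT)
    print("listening:", listening_tcp_ports(rows))
    print("unexpected:", unexpected_listeners(rows, {135, 445}))  # constructed baseline
    print("peers:", established_peers(rows))
```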
8. net view : net view \\x.x.x.x or net view \\computername (lists the shared folders available on the target box)
9. net user : This command resets a Windows user password without knowing the old password.
net user Prohacker *
Replace Prohacker with your PC user name and press Enter. Now type the new password.
Know more about this trick from the post below.
Here are some additional CMD commands which will help you.
net use \\ipaddress\ipc$ "" /user:administrator
(this command will allow you to connect to the target as administrator)
Now, if you want to connect to the target and browse the entire C drive, use this command:
net use K: \\computername\C$
(this will create a virtual drive in your "My Computer" folder)
Please note that this command will only work if the target PC/laptop has not set an Administrator password.
And last but not least, the "help" command.
This command is very useful for finding out what a particular command does, especially if you are a newbie.
Hope you liked the CMD commands listed above. If you have found any command other than those listed above, kindly note them in the comments for our other readers.
Step 1: connect to a remote Windows system from Kali
Windows makes a distinction between commands that can be run while physically on the system and those that can be run remotely. We can’t assume that a command we can run while on the system will run remotely.
Here, we are only interested in those that can be run remotely. In my case, I will be connecting to the target system over a Netcat connection, but a Metasploit-spawned command shell or another remote shell will work just as well.
Step 2: basic commands
In many ways, Windows CMD commands are similar to Linux/Unix commands (Unix preceded these commands by over a decade, and Microsoft borrowed heavily from it). At its most basic, we need to change directories within the file system. Like Linux, Windows uses the cd (change directory) command. To travel to the root of the directory tree, we can just type:
cd \
In addition, we can move up one level in the directory structure by typing:
cd ..
If we want to see the contents of a directory, we type dir as seen above. Some other key and basic commands include:
del : This will delete the file, similar to the Linux rm.
type : This will display the contents of the file, similar to the Linux cat.
As you can see below, I used type to display the contents of confidentialfile.txt. I then del (delete) confidentialfile.txt, and when I return to display its contents again, I get the message "The system cannot find the file specified."
To create a new directory, we use the md (make directory) command (in Linux, it's mkdir). To create a directory named "newdirectory," we type:
md newdirectory
After making newdirectory, we can now run dir and see the new directory that we created.
Step 3: network commands
When we are on the remote system, we may need networking information. To do so, we have two basic commands, ipconfig and netstat. Ipconfig is very similar to the Linux ifconfig, as seen below.
To view the network connections of the system, we can type netstat, just like in Linux.
Step 4: view processes
Often, when we are on a remote system, we will need to see a listing of the running processes. From the GUI, of course, we can use the Task Manager (Ctrl+Alt+Del), but from the command prompt, we use tasklist.
If we want to find a single process, we could use the filter findstr (find string). This works similarly to grep in Linux. So, to find the process named “explorer,” we could type:
tasklist | findstr explorer
Note that we used the pipe (|), just like in Linux, to send the results of the tasklist command to the filtering command, findstr.
If I want to kill a process, I can use the taskkill command. It requires the PID of the process we want to kill. In this case, the explorer process has a PID of 1532, so to kill it, I can type:
taskkill /PID 1532 /F
Here, /F means force the kill.