cmdϵÄÖØÒª¾W½jÃüÁî,cmdÖØÒªÃüÁî
Windows½Å±¾ºÜ¶àÊÂÓýű¾À´×öÊǺܼò½àµÄ¡£ÏÂÃæ¸ø³ö¼¸¸ö³£Óýű¾µÄecho°æ¡£
1£¬ÏÔʾϵͳ°æ±¾
@echo for each ps in getobject _ ps.vbs
@echo ("winmgmts://./root/cimv2:win32operatingsystem").instances ps.vbs
@echo wscript.echo ps.caption^" "^ps.version:next ps.vbs
cscript //nologo ps.vbs del ps.vbs
2£¬Áоٽø³Ì
@echo for each ps in getobject _ ps.vbs
@echo ("winmgmts://./root/cimv2:win32process").instances ps.vbs
@echo wscript.echo ps.handle^vbtab^ps.name^vbtab^ps.executablepath:next ps.vbs
cscript //nologo ps.vbs del ps.vbs
3£¬ÖÕÖ¹½ø³Ì
@echo for each ps in getobject _ pk.vbs
@echo ("winmgmts://./root/cimv2:win32process").instances pk.vbs
@echo if ps.handle=wscript.arguments(0) then wscript.echo ps.terminate:end if:next pk.vbs
ÒªÖÕÖ¹PIDΪ123µÄ½ø³Ì£¬Ê¹ÓÃÈçÏÂÓï·¨£º
cscript pk.vbs 123
Èç¹ûÏÔʾһ¸ö0£¬±íʾÖÕÖ¹³É¹¦¡£
È»ºó£º
del pk.vbs
4£¬ÖØÆôϵͳ
@echo for each os in getobject _ rb.vbs
@echo ("winmgmts:{(shutdown)}!//./root/cimv2:win32operatingsystem").instances rb.vbs
@echo os.win32shutdown(2):next rb.vbs cscript //nologo rb.vbs del rb.vbs
5£¬ÁоÙ×ÔÆô¶¯µÄ·þÎñ
@echo for each sc in getobject("winmgmts://./root/cimv2:win32service").instances sc.vbs
@echo if sc.startmode="Auto" then wscript.echo sc.name^" - "^sc.pathname sc.vbs
@echo next sc.vbs cscript //nologo sc.vbs del sc.vbs
6£¬ÁоÙÕýÔÚÔËÐеķþÎñ
@echo for each sc in getobject("winmgmts://./root/cimv2:win32service").instances sc.vbs
@echo if sc.state="Running" then wscript.echo sc.name^" - "^sc.pathname sc.vbs
@echo next sc.vbs cscript //nologo sc.vbs del sc.vbs
7£¬ÏÔʾϵͳ×îºóÒ»´ÎÆô¶¯µÄʱ¼ä
@echo for each os in getobject _ bt.vbs
@echo ("winmgmts://./root/cimv2:win32operatingsystem").instances bt.vbs
@echo wscript.echo os.lastbootuptime:next bt.vbs cscript //nologo bt.vbs del bt.vbs
netsh
ÔÚÔ¶³ÌshellÖÐʹÓÃnetshÊ×ÏÈÒª½â¾öÒ»¸ö½»»¥·½Ê½µÄÎÊÌâ¡£Ç°ÃæËµ¹ý£¬ºÜ¶àshell²»ÄÜÔÙ´ÎÖØ¶¨ÏòÊä³öÊä³ö£¬ËùÒÔ²»ÄÜÔÚÕâÖÖ»·¾³Ï½»»¥µØÊ¹ÓÃftpµÈÃüÁîÐй¤¾ß¡£½â¾öµÄ°ì·¨ÊÇ£¬Ò»°ã½»»¥Ê½µÄ¹¤¾ß¶¼ÔÊÐíʹÓýű¾£¨»òÕß½ÐÓ¦´ðÎļþ£©¡£±ÈÈçftp -s:filename¡£netshÒ²ÊÇÕâÑù£ºnetsh -f filename¡£
netshÃüÁîµÄ¹¦Äܷdz£¶à£¬¿ÉÒÔÅäÖÃIAS¡¢DHCP¡¢RAS¡¢WINS¡¢NAT·þÎñÆ÷£¬TCP/IPÐÒ飬IPXÐÒ飬·Óɵȡ£ÎÒÃDz»ÊǹÜÀíÔ±£¬Ò»°ãû±ØÒªÁ˽âÕâô¶à£¬Ö»ÐèÓÃnetshÀ´Á˽âÄ¿±êÖ÷»úµÄÍøÂçÅäÖÃÐÅÏ¢¡£
1£¬TCP/IPÅäÖÃ
echo interface ip s
echo show config s
netsh -f s
del s
ÓÉ´ËÄã¿ÉÒÔÁ˽â¸ÃÖ÷»úÓжà¸öÍø¿¨ºÍIP£¬ÊÇ·ñÊǶ¯Ì¬·ÖÅäIP(DHCP)£¬ÄÚÍøIPÊǶàÉÙ£¨Èç¹ûÓеϰ£©¡£
µçÄX֪ʶ
Õâ¸öÃüÁîºÍipconfig /all²î²»¶à¡£
×¢Ò⣬ÒÔÏÂÃüÁîÐèҪĿ±êÖ÷»úÆô¶¯remoteaccess·þÎñ¡£Èç¹ûËü±»½ûÓã¬ÇëÏÈͨ¹ýµ¼Èë×¢²á±í½â½û£¬È»ºó
net start remoteaccess
2£¬ARP
echo interface ip s
echo show ipnet s
netsh -f s
del s
Õâ¸ö±Èarp -aÃüÁî¶àÒ»µãÐÅÏ¢¡£
3£¬TCP/UDPÁ¬½Ó
echo interface ip s
echo show tcpconn s
echo show udpconn s
netsh -f s
del s
Õâ×éÃüÁîºÍnetstat -anÒ»Ñù¡£
4£¬Íø¿¨ÐÅÏ¢
Èç¹ûnetshÃüÁî¶¼ÓÐÆäËûÃüÁî¿É´úÌæ£¬ÄÇËü»¹ÓÐʲô´æÔڵıØÒªÄØ£¿ÏÂÃæÕâ¸ö¾ÍÕÒ²»µ½´úÌæµÄÁË¡£
echo interface ip s
echo show interface s
netsh -f s
del s
netshµÄÆäËû¹¦ÄÜ£¬±ÈÈçÐÞ¸ÄIP£¬Ò»°ãûÓбØÒªÊ¹Óã¨ÍòÒ»¸ÄÁËIPºóÁ¬²»ÉÏ£¬¾Í"½ÐÌì²»Ó¦½ÐµØ²»Áé"ÁË£©£¬ËùÒÔÈ«²¿ÂÔ¹ý¡£
IPSec
Ê×ÏÈÐèÒªÖ¸³öµÄÊÇ£¬IPSecºÍTCP/IPɸѡÊDz»Í¬µÄ¶«Î÷£¬´ó¼Ò²»Òª»ìÏýÁË¡£TCP/IPɸѡµÄ¹¦ÄÜÊ®·ÖÓÐÏÞ£¬Ô¶²»ÈçIPSecÁé»îºÍÇ¿´ó¡£ÏÂÃæ¾Í˵˵ÈçºÎÔÚÃüÁîÐÐÏ¿ØÖÆIPSec¡£
XPϵͳÓÃipseccmd£¬2000ÏÂÓÃipsecpol¡£Òź¶µÄÊÇ£¬ËüÃǶ¼²»ÊÇϵͳ×Ô´øµÄ¡£ipseccmdÔÚxpϵͳ°²×°Å̵ÄSUPPORT/TOOLS/SUPPORT.CABÖУ¬ipsecpolÔÚ2000 Resource KitÀï¡£¶øÇÒ£¬ÒªÊ¹ÓÃipsecpol»¹±ØÐë´øÉÏÁíÍâÁ½¸öÎļþ£ºipsecutil.dllºÍtext2pol.dll¡£Èý¸öÎļþÒ»¹²119KB¡£
IPSec¿ÉÒÔͨ¹ý×é²ßÂÔÀ´¿ØÖÆ£¬µ«ÎÒÕÒ±éMSDN£¬Ò²Ã»ÓÐÕÒµ½ÏàÓ¦µÄ°²È«Ä£°åµÄÓï·¨¡£ÒѾÅäÖúõÄIPSec²ßÂÔÒ²²»Äܱ»µ¼³öΪģ°å¡£ËùÒÔ£¬×é²ßÂÔÕâÌõ·×ß²»Í¨¡£IPSecµÄÉèÖñ£´æÔÚ×¢²á±íÖÐ(HKEY_LOCAL_MACHINE/SOFTWARE/Policies/Microsoft/Windows/IPSec/Policy/Local)£¬ÀíÂÛÉÏ¿ÉÒÔͨ¹ýÐÞ¸Ä×¢²á±íÀ´ÅäÖÃIPSec¡£µ«ºÜ¶àÐÅÏ¢ÒÔ¶þ½øÖÆÐÎʽ´æ·Å£¬¶ÁÈ¡ºÍÐ޸ͼºÜÀ§ÄÑ¡£Ïà±È֮ϣ¬ÉÏ´«ÃüÁîÐй¤¾ß¸ü·½±ã¡£
¹ØÓÚipsecpolºÍipseccmdµÄ×ÊÁÏ£¬ÍøÉÏ¿ÉÒÔÕÒµ½ºÜ¶à£¬Òò´Ë±¾ÎľͲ»Ï¸ËµÁË£¬Ö»ÊÇÁоÙһЩʵÓõÄÀý×Ó¡£
ÔÚÉèÖÃIPSec²ßÂÔ·½Ã棬ipseccmdÃüÁîµÄÓï·¨ºÍipsecpol¼¸ºõÍêȫһÑù£¬ËùÒÔÖ»ÒÔipsecpolΪÀý£º
1£¬·ÀÓùrpc-dcom¹¥»÷
ipsecpol -p myfirewall -r rpc-dcom -f +0:135:tcp +0:135:udp +0:137:udp +0:138:udp +0:139:tcp +0:445:tcp +0:445:udp -n BLOCK -w reg -x
ÕâÌõÃüÁî¹Ø±ÕÁ˱¾µØÖ÷»úµÄTCP135,139,445ºÍudp135,137,138,445¶Ë¿Ú¡£
¾ßÌ庬ÒåÈçÏ£º
-p myfirewall Ö¸¶¨²ßÂÔÃûΪmyfirewall
-r rpc-dcom Ö¸¶¨¹æÔòÃûΪrpc-dcom
-f ...... ½¨Á¢7¸öɸѡÆ÷¡£±íʾÈκεØÖ·(Ô´)£»0±íʾ±¾»úµØÖ·(Ä¿±ê)£»+±íʾ¾µÏñ(Ë«Ïò)ɸѡ¡£ÏêϸÓï·¨¼ûipsecpol -?
-n BLOCK Ö¸¶¨É¸Ñ¡²Ù×÷ÊÇ"×èÈû"¡£×¢Ò⣬BLOCK±ØÐëÊÇ´óд¡£
-w reg ½«ÅäÖÃдÈë×¢²á±í£¬ÖØÆôºóÈÔÓÐЧ¡£
-x Á¢¿Ì¼¤»î¸Ã²ßÂÔ¡£
2£¬·ÀÖ¹±»ping
ipsecpol -p myfirewall -r antiping -f +0::icmp -n BLOCK -w reg -x
Èç¹ûÃûΪmyfirewallµÄ²ßÂÔÒÑ´æÔÚ£¬Ôòantiping¹æÔò½«Ìí¼ÓÖÁÆäÖС£
×¢Ò⣬¸Ã¹æÔòͬʱҲ×èÖ¹Á˸ÃÖ÷»úping±ðÈË¡£
3£¬¶ÔºóÃŽøÐÐIPÏÞÖÆ
¼ÙÉèÄãÔÚijÖ÷»úÉϰ²×°ÁËDameWare Mini Remote Control¡£ÎªÁ˱£»¤Ëü²»±»±ðÈ˱©ÆÆÃÜÂë»òÒç³ö£¬Ó¦¸ÃÏÞÖÆ¶ÔÆä·þÎñ¶Ë¿Ú6129µÄ·ÃÎÊ¡£
ipsecpol -p myfw -r dwmrc_block_all -f +0:6129:tcp -n BLOCK -w reg
ipsecpol -p myfw -r dwmrc_pass_me -f 123.45.67.89+0:6129:tcp -n PASS -w reg -x
ÕâÑù¾ÍÖ»ÓÐ123.45.67.89¿ÉÒÔ·ÃÎʸÃÖ÷»úµÄ6129¶Ë¿ÚÁË¡£
Èç¹ûÄãÊǶ¯Ì¬IP£¬Ó¦¸Ã¸ù¾ÝIP·ÖÅäµÄ·¶Î§ÉèÖùæÔò¡£±ÈÈ磺
ipsecpol -p myfw -r dwmrc_block_all -f +0:6129:tcp -n BLOCK -w reg
ipsecpol -p myfw -r dwmrc_pass_me -f 123.45.67.+0:6129:tcp -n PASS -w reg -x
ÕâÑù¾ÍÔÊÐí123.45.67.1ÖÁ123.45.67.254µÄIP·ÃÎÊ6129¶Ë¿Ú¡£
ÔÚд¹æÔòµÄʱºò£¬Ó¦¸ÃÌØ±ðСÐÄ£¬²»Òª°Ñ×Ô¼ºÒ²×èÈûÁË¡£Èç¹ûÄ㲻ȷ¶¨Ä³¸ö¹æÔòµÄЧ¹ûÊÇ·ñºÍÔ¤ÏëµÄÒ»Ñù£¬¿ÉÒÔÏÈÓüƻ®ÈÎÎñ"ÁôϺó·"¡£ÀýÈ磺
c:/net start schedule
Task Scheduler ·þÎñÕýÔÚÆô¶¯ ..
Task Scheduler ·þÎñÒѾÆô¶¯³É¹¦¡£
c:/time /t
12:34
c:/at 12:39 ipsecpol -p myfw -y -w reg
мÓÁËÒ»Ïî×÷Òµ£¬Æä×÷Òµ ID = 1
È»ºó£¬ÄãÓÐ5·ÖÖÓʱ¼äÉèÖÃÒ»¸ömyfw²ßÂÔ²¢²âÊÔËü¡£5·ÖÖÓºó¼Æ»®ÈÎÎñ½«Í£Ö¹¸Ã²ßÂÔ¡£
Èç¹û²âÊÔ½á¹û²»ÀíÏ룬¾Íɾ³ý¸Ã²ßÂÔ¡£
c:/ipsecpol -p myfw -o -w reg
×¢Ò⣬ɾ³ý²ßÂÔǰ±ØÐëÏÈÈ·±£ËüÒÑÍ£Ö¹¡£²»Í£Ö¹ËüµÄ»°£¬¼´Ê¹É¾³ýÒ²»áÔÚÒ»¶Îʱ¼äÄÚ¼ÌÐøÉúЧ¡£³ÖÐøÊ±¼äÈ¡¾öÓÚ²ßÂÔµÄË¢ÐÂʱ¼ä£¬Ä¬ÈÏÊÇ180·ÖÖÓ¡£
Èç¹û²âÊÔͨ¹ý£¬ÄÇô¾ÍÆôÓÃËü¡£
c:/ipsecpol -p myfw -x -w reg
×îºó˵һϲ鿴IPSec²ßÂԵİ취¡£
¶ÔÓÚXPºÜ¼òµ¥£¬Ò»ÌõÃüÁî¸ã¶¨--ipseccmd show filters
¶øipsecpolûÓвéѯµÄ¹¦ÄÜ¡£ÐèÒªÔÙÓÃÒ»¸öÃüÁîÐй¤¾ßnetdiag¡£ËüλÓÚ2000ϵͳ°²×°Å̵ÄSUPPORT/TOOLS/SUPPORT.CABÖС££¨ÒѾÉÏ´«ÁËÈý¸öÎļþ£¬Ò²¾Í²»ÔÚºõ¶àÒ»¸öÁË¡£^_^£©
netdiagÐèÒªRemoteRegistry·þÎñµÄÖ§³Ö¡£ËùÒÔÏÈÆô¶¯¸Ã·þÎñ£º
net start remoteregistry
²»Æô¶¯RemoteRegistry¾Í»áµÃµ½Ò»¸ö´íÎó£º
[FATAL] Failed to get system information of this machine.
netdiagÕâ¸ö¹¤¾ß¹¦ÄÜÊ®·ÖÇ¿´ó£¬ÓëÍøÂçÓйصÄÐÅÏ¢¶¼¿ÉÒÔ»ñÈ¡£¡²»¹ý£¬Êä³öµÄÐÅÏ¢ÓÐʱ¹ýÓÚÏêϸ£¬³¬¹ýÃüÁîÐпØÖÆÌ¨cmd.exeµÄÊä³ö»º´æ£¬¶ø²»ÊÇÿ¸öÔ¶³Ìcmd shell¶¼¿ÉÒÔÓÃmoreÃüÁîÀ´·ÖÒ³µÄ¡£
²é¿´ipsec²ßÂÔµÄÃüÁîÊÇ£º
netdiag /debug /test:ipsec
È»ºóÊÇÒ»³¤´®Êä³öÐÅÏ¢¡£IPSec²ßÂÔλÓÚ×îºó¡£
Èí¼þ°²×°
Ò»¸öÈí¼þ/¹¤¾ßµÄ°²×°¹ý³Ì£¬Ò»°ãÀ´ËµÖ»ÊÇ×öÁ½¼þÊ£º¿½±´Îļþµ½Ìض¨Ä¿Â¼ºÍÐÞ¸Ä×¢²á±í¡£Ö»Òª¸ãÇå³þ¾ßÌåµÄÄÚÈÝ£¬ÄÇô¾Í¿ÉÒÔ×Ô¼ºÔÚÃüÁîÐÐÏÂʵÏÖÁË¡££¨²»¿¼Âǰ²×°ºóÐèҪע²á¼¤»îµÈÇé¿ö£©
WinPcapÊǸöºÜ³£ÓõŤ¾ß£¬µ«±ØÐëÔÚ´°¿Ú½çÃæÏ°²×°¡£ÔÚÍøÉÏÒ²¿ÉÒÔÕÒµ½²»ÓÃGUIµÄ°æ±¾£¨µ«»¹ÊÇÓаæÈ¨Ò³£©£¬ÆäʵÎÒÃÇÍêÈ«¿ÉÒÔ×Ô¼º×öÒ»¸ö¡£
ÒÔWinPcap 3.0a ΪÀý¡£Í¨¹ý±È½Ï°²×°Ç°ºóµÄÎļþϵͳºÍ×¢²á±í¿ìÕÕ£¬ºÜÈÝÒ×Á˽âÕû¸ö°²×°¹ý³Ì¡£
³ýÈ¥·´°²×°µÄ²¿·Ö£¬¹Ø¼üµÄÎļþÓÐÈý¸ö£ºwpcap.dll£¬packet.dllºÍnpf.sys¡£Ç°ÃæÁ½¸öÎļþλÓÚsystem32Ŀ¼Ï£¬µÚÈý¸öÔÚsystem32/driversÏ¡£¶ø×¢²á±íµÄ±ä»¯ÊÇÔö¼ÓÁËÒ»¸öϵͳ·þÎñNPF¡£×¢Ò⣬ÊÇϵͳ·þÎñ£¨¼´Çý¶¯£©²»ÊÇWin32·þÎñ¡£
×÷Ϊϵͳ·þÎñ£¬²»µ«ÒªÔÚHKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/ServicesÏÂÔö¼ÓÖ÷¼ü£¬ÔÚHKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Enum/RootÏÂÒ²Ôö¼ÓÖ÷¼ü¡£¶øºóÕßĬÈÏÖ»ÓÐSYSTEMÉí·Ý²Å¿ÉÒÔÐ޸ġ£ÐÒÔ˵ÄÊÇ£¬²¢²»ÐèÒªÊÖ¶¯Ìí¼ÓËü£¬winpcap±»µ÷ÓÃʱ»á×Ô¶¯¸ã¶¨¡£ÉõÖÁÍêÈ«²»ÓÃÊÖ¶¯ÐÞ¸Ä×¢²á±í£¬ËùÓеÄÊÂwinpcap¶¼»á×Ô¼ºÍê³É£¬Ö»ÐèÒª½«Èý¸öÎļþ¸´ÖƵ½ºÏÊʵÄλÖþÍÐÐÁË¡£
×÷Ϊ·¶Àý£¬»¹ÊÇÑÝʾһÏÂÈçºÎÐÞ¸Ä×¢²á±í£ºÀûÓÃÇ°ÃæËµ¹ýµÄinfÎļþÀ´ÊµÏÖ¡£
[Version]
Signature="$WINDOWS NT$"
[DefaultInstall.Services]
AddService=NPF,,winpcap_svr
[winpcap_svr]
DisplayName=Netgroup Packet Filter
ServiceType=0x1
StartType=3
ErrorControl=1
ServiceBinary=%12%/npf.sys
½«ÉÏÃæÕâЩÄÚÈݱ£´æÎªwpcap.infÎļþ¡£
ÔÙдһ¸öÅú´¦Àíwpcap.bat£º
rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %CD%/wpcap.inf
del wpcap.inf
if /i %CD%==%SYSTEMROOT%/system32 goto COPYDRV
copy packet.dll %SYSTEMROOT%/system32/
copy wpcap.dll %SYSTEMROOT%/system32/
del packet.dll
del wpcap.dll
:COPYDRV
if /i %CD%==%SYSTEMROOT%/system32/drivers goto END
copy npf.sys %SYSTEMROOT%/system32/drivers/
del npf.sys
:END
del %0
È»ºóÓÃwinrar½«ËùÓÐÎļþ£¨5¸ö£©´ò°üΪ×Ô½âѹµÄexe£¬²¢½«¡º¸ß¼¶×Ô½âѹѡÏî¡»-¡º½âѹºóÔËÐС»ÉèÖÃΪwpcap.bat£¬ÃüÁîÐеÄwinpcap°²×°°ü¾ÍÖÆ×÷Íê³ÉÁË¡£
×¢Ò⣬Åú´¦Àí×îºóÒ»ÐÐûÓлسµ·û¡£·ñÔò»áÒòΪÕýÔÚÔËÐжøÎÞ·¨É¾³ý×Ô¼º¡£
ËùÓеÄÈí¼þ°²×°£¬»ù±¾ÉÏ¿ÉÒÔÌ×ÓÃÕâ¸ö˼·¡£µ«Ò²ÓÐÀýÍâµÄ£¬ÄǾÍÊÇϵͳ²¹¶¡µÄ°²×°¡£
ÓÉÓÚϵͳ²¹¶¡ÓпÉÄÜÒªÌæ»»ÕýÔÚ±»Ö´Ðлò·ÃÎʵÄÎļþ£¬ËùÒÔÓÃcopyÃüÁîÊDz»Ðеġ£
ÐҺã¬Windows²¹¶¡°üÖ§³ÖÃüÁîÐа²×°¡£
±ÈÈ磺
KB824146.exe -n -z -q
-n ²»±£Áô±¸·Ý
-z ²»ÖØÆð
-q °²¾²Ä£Ê½
Èç¹ûÓÐÒ»¶Ñ²¹¶¡Òª´ò£¬ÄÇôÓÃRAR´ò°ü³É×Ô½âѹÎļþ£¬Íâ¼ÓÒ»¸öÅú´¦Àí¡£
for %%f in (KB??????.exe) do %%f -n -z -q
for %%f in (KB??????.exe) do del %%f
del %0
±¾ÎÄ·¢²¼ÓÚ2012Äê12ÔÂ29ÈÕ11:51
£¬ÒѾ¹ýÁË4582Ì죬ÈôÄÚÈÝ»òͼƬʧЧ£¬ÇëÁôÑÔ·´À¡
×ªÔØÇë×¢Ã÷³ö´¦: Íø¼ÊÍø
±¾ÎĵÄÁ´½ÓµØÖ·: /ruanjing/343.html
ÔÝÎÞÆÀÂÛ