In this tutorial, i will guide you to top 10 important and famous command prompt commands with their usage.
1. ipconfig :
This is the topmost command for seeing the IP address,subnet mask and default gateway also includes the display and flush DNS cache, re-register the system name in DNS. This will most useful tool for viewing and troubleshooting TCP/IP problem.
- To view IP ,subnet mask address : ipconfig
- To view all TCP/IP information, use: ipconfig /all
- To view the local DNS cache, use: ipconfig /displaydns
- To delete the contents of the local DNS cache, use: ipconfig /flushdns
Have a need to display operating system configuration information for a local or remote machine, including service pack levels? Then systeminfo is the tool to use. When I need to connect to a system that I am not familiar with, this is the first tool I run. The output of this command gives me all the info I need including: host name, OS type, version, product ID, install date, boot time and hardware info (processor and memory). Also knowing what hot fixes are installed can be a big help when troubleshooting problems. This tool can be used to connect to a machine remotely using the following syntax: SYSTEMINFO /S system /U user
3. tasklist and taskkill
If you are used to Windows Task Manager, then you’ll find tasklist very easy to use. This tool displays a list of currently running processes, including image name, PID (Process ID) and memory usage on local or remote machines. Using the /V switch displays more information in verbose mode that includes, CPU Time, user name, and modules. Tasklist includes a filter option to display a set of task based on the criteria specified. But the best use of the filter is using it to display programs running inside svchost.exe process.
Of course, there will be times when a process needs to be killed and taskkill can be used to terminate those trouble processes. A single or multiple processes can be killed using the PID (/PID ) or image name (/IM ). Here are two examples for doing just that:
TASKKILL /IM notepad.exe
TASKKILL /PID 1230 /PID 1241 /PID 1253 /T
Both tasklist and taskkill can connect to remote systems using the /S (system name) /U (user name) switches.
type is used to read the text document in command prompt . You can read multiple texts in continuously
Need to know who (or what) is making a connection to your computer? Then netstat is the tool you want to run. The output provides valuable information of all connections and listening ports, including the executable used in the connections. In addition to the above info, you can view Ethernet statistics, and resolve to connect host IP Addresses to a fully qualified domain name. I usually run the netstat command using the -a (displays all connection info), -n (sorts in numerical form) and -b (displays executable name) switches.
Although this tool is more known as a command, the net command is really like a power drill with different bits and is used to update, fix, or view the network or network settings.
It is mostly used for viewing (only services that are started), stopping and starting services:
- net stop the server
- net start the server
- net start (display running services)
and for connecting (mapping) and disconnecting with shared network drives:
- net use m: \myserversharename
- net use m: \myserversharename /delete
Other commands used with the net command are, accounts (manage user accounts), net print (manage print jobs), and net share (manage shares).
Below are all the options that can be used with the net command.
[ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |HELPMSG | LOCALGROUP | PAUSE | PRINT | SESSION | SHARE | START |STATISTICS | STOP | TIME | USE | USER | VIEW ]
7 – nslookup – With the Internet, DNS (Domain Name Service) is the key for allowing us to use friendly names when surfing the web instead of needing to remember IP Addresses. But when there are problems, nslookup can be a valuable tool for testing and troubleshooting DNS servers.
Nslookup can be run in two modes: interactive and noninteractive. The noninteractive mode is useful when only a single piece of data needs to be returned. For example, to resolve google.com:
To use the interactive mode, just type nslookup at the prompt. To see all available options, type help while in interactive mode.
Don’t let the help results intimidate you. Nslookup is easy to use. Some of the options I use when troubleshooting are:
set ds (displays detailed debugging information of behind the scenes communication when resolving a host or IP Address).
set domain (sets the default domain to use when resolving, so you don’t need to type the fully qualified name each time).
set type (sets the query record type that will be returned, such as A, MX, NS)
server NAME (allows you to point nslookup to use other DNS servers than what is configured on your computer)
To exit out of interactive mode, type exit .
8 – ping and tracert – These tools can be helpful with connectivity to other systems. Ping will test whether a particular host is reachable across an IP network, while tracert (traceroute) is used to determine the route taken by packets across an IP network.
To ping a system just type at the prompt: ping www.google.com. By default, ping will send three ICMP request to the host and listen for ICMP “echo response” replies. Ping also includes switches to control the number of echo requests to send (-n ), and to resolve IP addresses to the hostname (-a ).
To use tracert, type at the prompt: tracert www.google.com. You can force tracert to not resolve address to host names by using the -d switch, or set the desired timeout (milliseconds) for each reply using -w switch.
9 – gpresult – Used mostly in environments that implement group policies, gpresults (Group Policy Results) verify all policy settings in effect for a specific user or computer. The command is simple to use, just enter gpresults at the prompt. It can also be used to connect to computers remotely using the /S and /U switches.
10 – netsh – Without a doubt the most powerful command line tool available in Windows. Netsh is like the swiss army knife for configuring and monitoring Windows computers from the command prompt. Its capabilities include:
- Configure interfaces
- Configure routing protocols
- Configure filters
- Configure routes
- Configure remote access behaviour for Windows-based remote access routers that are running the Routing and Remote Access Server (RRAS) Service
- Display the configuration of a currently running router on any computer
Some examples of what you can do with netsh:
- Enable or disable Windows firewall:
netsh firewall set opmode disable
netsh firewall set opmode disable
- Enable or disable ICMP Echo Request (for pinging) in Windows firewall:
netsh firewall set icmpsetting 8 enable
netsh firewall set icmpsetting 8 disable
- Configure your NIC to automatically obtain an IP address from a DHCP server:
netsh interface ip set address “Local Area Connection” dhcp
(For the above command, if your NIC is named something else, use netsh interface ip show config and replace the name at Local Area Connection).
As you can see netsh can do a lot. Instead of re-inventing the wheel, check out the following Microsoft article for more info on netsh.
Latest posts by Unallocated Author (see all)
- Your Ultimate Antivirus Software Guide - November 19, 2019
- 6 OSINT Tools That Make a Pentester’s Life Easier - November 18, 2019
- Cyber Security Threats to Consider in 2019 and Beyond - November 15, 2019