Windows command line reference – Part03
This blog post is continuation from Part01 and Part02.
18. List DLL's used by a program
- tasklist /fi “imagename eq iexplore.exe” /m
- /m – loads DLL’s loaded
19. Check process for a particular DLL
- tasklist /m kernel32.dll
20. Kill processes
- taskkill /PID “processID”
- Kill process with given PID
- taskkill /IM “processname”
- Kill processes with given process name
21. Service Details
- sc query “service name”
22. Configure Service
STOP
- sc stop
- “stop” will stop service in current session, on reboot this service will start again.
DISABLE
- sc config start= disabled
- Using sc config set start to disabled will stop service permanently.
For remote systems
- sc \remotemachine commands
22. WMIC help
- wmic /?:full
- WMIC on remote systems
c:\wmic /user:[username] /password:[password] /node:[remote system IP/name] [command to execute]
for list of sytems
/node:@[machines.txt]
23. wmic usage
- wmic [alias] get/list/create/delete
- wmic process list brief
- wmic process GET Name,ProcessID
- will list processes with Name and ProcessID
24. Get user account details with wmic
- wmic useraccount GET Name,SID
- wmic useraccount /?
- will list options available for useraccount running above command with other options will list all information. Based on need “GET” can be used to filter required fields.
25. List security patches
wmic qfe
- lists all patches
wmic qfe where Description=”Security Update” GET HotFixId,InstalledOn
- list updates with description as “Security Update” and filter only hotfixID and installed date
26. Using wmic to list mac address
wmic nicconfig get macaddress
Other useful commands , service, process, share, nicconfig, startup, useraccount, qfe (quick fix engineering)
27. Result formatting
- wmic /output:[path to file] aliases /format:[format]
Example: * wmic /output:c:\updates.html qfe /format:htable * /format /? will list all available format * /format:htable was selected for html format
References 1. Windows Commands 2. Windows command line cheat sheet 3. Command line kung-fu blog
— By Fabian Darius