Comprehensive List of Hidec Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 02:08 AM - Forum: Batch & Shell Scripting - Replies (1)
**Hidec** is a command-line utility used to run console applications or batch files silently, without displaying a command prompt window. This is particularly useful for scripts or commands that need to run in the background without user interaction. Below is a detailed list of Hidec commands, along with descriptions and examples.
1. Running a Command Silently
Description: Executes a specified command or script without displaying the command prompt window.
Example: To run `example.bat` silently:
Code: hidec.exe example.bat
2. Running a Command with Arguments
Description: Executes a specified command with arguments, hiding the command prompt window.
Code: hidec.exe [Command] [Arguments]
Example: To run `example.bat` with arguments `arg1` and `arg2` silently:
Code: hidec.exe example.bat arg1 arg2
3. Running a System Command Silently
Description: Executes a built-in system command, such as `dir`, without displaying the command prompt window.
Code: hidec.exe cmd /c [SystemCommand]
Example: To run the `dir` command silently:
Code: hidec.exe cmd /c dir
4. Running a Command with a Specific Working Directory
Description: Executes a command or script from a specified working directory without displaying the command prompt window.
Code: hidec.exe /d [Directory] [Command]
Example: To run `example.bat` from `C:\Scripts` silently:
Code: hidec.exe /d C:\Scripts example.bat
5. Running a Command and Redirecting Output to a File
Description: Executes a command silently and redirects the output to a specified file.
Code: hidec.exe [Command] > [OutputFile]
Example: To run `example.bat` and redirect output to `output.txt`:
Code: hidec.exe example.bat > output.txt
6. Running a Command Silently with Administrator Privileges
Description: Executes a command or script with elevated (Administrator) privileges, hiding the command prompt window. This typically requires using the `runas` command.
Code: hidec.exe runas /user:Administrator "cmd /c [Command]"
Example: To run `example.bat` as Administrator silently:
Code: hidec.exe runas /user:Administrator "cmd /c example.bat"
7. Running a Batch File Silently
Description: Executes a batch file without displaying the command prompt window.
Code: hidec.exe [BatchFile]
Example: To run `cleanup.bat` silently:
Code: hidec.exe cleanup.bat
8. Running a PowerShell Script Silently
Description: Executes a PowerShell script without displaying the PowerShell window.
Code: hidec.exe powershell -executionpolicy bypass -file [ScriptPath]
Example: To run `script.ps1` silently:
Code: hidec.exe powershell -executionpolicy bypass -file script.ps1
9. Running a Command and Logging Output to a File
Description: Executes a command or script silently and logs both standard output and error output to a specified file.
Code: hidec.exe [Command] > [LogFile] 2>&1
Example: To run `example.bat` and log all output to `log.txt`:
Code: hidec.exe example.bat > log.txt 2>&1
10. Running a Command and Appending Output to a File
Description: Executes a command silently and appends the output to a specified file.
Code: hidec.exe [Command] >> [OutputFile]
Example: To run `example.bat` and append output to `output.txt`:
Code: hidec.exe example.bat >> output.txt
11. Running a Command and Waiting for Completion
Description: Runs a command silently and waits for it to complete before returning control to the command prompt.
Code: hidec.exe /w [Command]
Example: To run `example.bat` and wait for it to finish:
Code: hidec.exe /w example.bat
12. Displaying Help Information
Description: Displays help information for the Hidec command, listing all available options and their descriptions.
Example: To display help information for Hidec:
Conclusion
The **Hidec** command is a useful utility for running scripts and commands in the background without displaying a command prompt window. By mastering these commands, you can effectively automate tasks, run background processes, and manage scripts discreetly on Windows systems.
Happy Scripting!
Comprehensive List of Handle Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 02:04 AM - Forum: Batch & Shell Scripting - Replies (1)
**Handle** is a command-line utility from Sysinternals that provides detailed information about open handles for any process in a Windows system. Below is a detailed list of Handle commands, along with descriptions and examples.
1. Display All Open Handles
Description: Lists all open handles in the system.
Example: To display all open handles in the system:
2. Filter Handles by Process Name
Description: Lists all open handles for a specific process by name.
Code: handle.exe [ProcessName]
Example: To display all open handles for the `notepad.exe` process:
Code: handle.exe notepad.exe
3. Filter Handles by Process ID (PID)
Description: Lists all open handles for a specific process by its PID.
Example: To display all open handles for the process with PID 1234:
4. Close a Specific Handle
Description: Closes a specific handle, typically used to release locked files.
Code: handle.exe -c [Handle] -p [PID]
Example: To close the handle `0x1234` for the process with PID 1234:
Code: handle.exe -c 0x1234 -p 1234
5. Filter Handles by Type
Description: Lists all handles of a specific type (e.g., File, Registry, Event) across all processes.
Code: handle.exe -t [Type]
Example: To list all file handles in the system:
6. Search for Handles to a Specific File or Object
Description: Searches for handles that are accessing a specific file or object path.
Code: handle.exe [ObjectPath]
Example: To find which processes have a handle open to `C:\Temp\file.txt`:
Code: handle.exe C:\Temp\file.txt
7. Display Handle Information with Details
Description: Displays detailed information about each handle, including the type, access, and object information.
Example: To display detailed information for all handles:
8. Show Handle Numbers in Hexadecimal Format
Description: Displays handle numbers in hexadecimal format, which is useful for closing specific handles.
Example: To display handle numbers in hexadecimal format:
9. List Handles for a Specific Object Type
Description: Lists all handles of a specific object type, such as `File`, `Mutant`, or `Section`.
Code: handle.exe -t [ObjectType]
Example: To list all `Mutant` (mutex) handles:
Code: handle.exe -t Mutant
10. Show Only Handles with Specific Access Rights
Description: Displays only handles that have specific access rights, such as `READ` or `WRITE`.
Code: handle.exe -a [AccessRights]
Example: To display handles with `WRITE` access rights:
11. Display Help Information
Description: Displays help information for the Handle command, listing all available options and their descriptions.
Example: To display help information for Handle:
Conclusion
The **Handle** command is a powerful utility for managing and inspecting open handles on a Windows system. By mastering these commands, you can efficiently troubleshoot locked files, diagnose system issues, and manage process resources.
Happy Troubleshooting!
Comprehensive List of GSAR Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 02:03 AM - Forum: Batch & Shell Scripting - No Replies
**GSAR** (Global Search And Replace) is a command-line utility used for performing search and replace operations on binary and text files. Below is a detailed list of GSAR commands, along with descriptions and examples.
1. Basic Search and Replace
Description: Replaces all occurrences of a specified search string with a replacement string in a file.
Code: gsar -s"search_string" -r"replacement_string" [file]
Example: To replace "foo" with "bar" in `example.txt`:
Code: gsar -s"foo" -r"bar" example.txt
2. Case-Insensitive Search and Replace
Description: Replaces all occurrences of a search string with a replacement string, ignoring the case.
Code: gsar -i -s"search_string" -r"replacement_string" [file]
Example: To replace "Foo" or "foo" with "bar" in `example.txt`:
Code: gsar -i -s"foo" -r"bar" example.txt
3. Replace First Occurrence Only
Description: Replaces only the first occurrence of the search string in the file.
Code: gsar -o -s"search_string" -r"replacement_string" [file]
Example: To replace only the first occurrence of "foo" with "bar" in `example.txt`:
Code: gsar -o -s"foo" -r"bar" example.txt
4. Replace and Create a Backup of the Original File
Description: Replaces all occurrences of a search string and creates a backup of the original file.
Code: gsar -b -s"search_string" -r"replacement_string" [file]
Example: To replace "foo" with "bar" in `example.txt` and create a backup:
Code: gsar -b -s"foo" -r"bar" example.txt
Note: The backup file will have the original filename with an additional `~` character.
5. Search and Replace with a Specific Offset
Description: Starts the search and replace operation at a specified byte offset within the file.
Code: gsar -s"search_string" -r"replacement_string" -o[byte_offset] [file]
Example: To start replacing "foo" with "bar" starting at byte offset 100:
Code: gsar -s"foo" -r"bar" -o100 example.txt
6. Search and Replace in a Specific Range
Description: Replaces occurrences of a search string within a specified byte range in the file.
Code: gsar -s"search_string" -r"replacement_string" -n[start_offset] -m[end_offset] [file]
Example: To replace "foo" with "bar" between bytes 100 and 200 in `example.txt`:
Code: gsar -s"foo" -r"bar" -n100 -m200 example.txt
7. Show Matching Lines Only (Silent Mode)
Description: Shows only the lines that contain the matching search string, without modifying the file.
Code: gsar -s"search_string" -r"replacement_string" -I [file]
Example: To display lines containing "foo" in `example.txt` without replacing them:
Code: gsar -s"foo" -r"bar" -I example.txt
8. Count the Number of Replacements
Description: Displays the number of replacements made in the file.
Code: gsar -s"search_string" -r"replacement_string" -c [file]
Example: To count the number of times "foo" is replaced with "bar" in `example.txt`:
Code: gsar -s"foo" -r"bar" -c example.txt
9. Replace with a Binary String
Description: Replaces a search string with a binary sequence in the file.
Code: gsar -s"search_string" -r"\x[hex_value]" [file]
Example: To replace "foo" with a newline character in `example.txt`:
Code: gsar -s"foo" -r"\x0A" example.txt
10. Replace Using Hexadecimal Search and Replace Strings
Description: Uses hexadecimal values for both the search and replace strings.
Code: gsar -s"\x[search_hex]" -r"\x[replace_hex]" [file]
Example: To replace the hexadecimal value `0x666F6F` ("foo") with `0x626172` ("bar") in `example.txt`:
Code: gsar -s"\x666F6F" -r"\x626172" example.txt
11. Replace with Confirmation
Description: Prompts the user for confirmation before replacing each occurrence.
Code: gsar -s"search_string" -r"replacement_string" -p [file]
Example: To replace "foo" with "bar" in `example.txt` with confirmation:
Code: gsar -s"foo" -r"bar" -p example.txt
12. Invert Match (Replace Non-Matching Lines)
Description: Replaces lines that do not match the search string.
Code: gsar -v -s"search_string" -r"replacement_string" [file]
Example: To replace all lines not containing "foo" with "bar":
Code: gsar -v -s"foo" -r"bar" example.txt
13. Use Regular Expressions for Search and Replace
Description: Uses regular expressions for more advanced search and replace operations.
Code: gsar -r"regex_search" -r"regex_replace" [file]
Example: To replace all occurrences of digits with "number":
Code: gsar -r"\d+" -r"number" example.txt
14. Perform a Dry Run (No Changes Made)
Description: Simulates the search and replace operation without making any changes to the file.
Code: gsar -s"search_string" -r"replacement_string" -t [file]
Example: To simulate replacing "foo" with "bar" in `example.txt`:
Code: gsar -s"foo" -r"bar" -t example.txt
15. Display Help Information
Description: Displays help information for the GSAR command, listing all available options and their descriptions.
Example: To display help information for GSAR:
Conclusion
The **GSAR** command is a powerful utility for performing search and replace operations in binary and text files. By mastering these commands, you can efficiently manipulate and modify file contents, whether for data processing, text manipulation, or binary file editing.
Happy Editing!
Comprehensive List of Grep Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 02:01 AM - Forum: Batch & Shell Scripting - No Replies
**grep** (Global Regular Expression Print) is a command-line utility used for searching and filtering text in files or standard input using regular expressions. Below is a detailed list of grep commands, along with descriptions and examples.
1. Basic String Search
Description: Searches for a specific string in a file and prints the matching lines.
Code: grep "search_string" [file]
Example: To search for the string "error" in a log file:
Code: grep "error" /var/log/syslog
2. Case-Insensitive Search
Description: Performs a case-insensitive search by ignoring the case of the search string.
Code: grep -i "search_string" [file]
Example: To search for "error" or "Error" or "ERROR" in a log file:
Code: grep -i "error" /var/log/syslog
3. Search Recursively in Directories
Description: Recursively searches through all files in a directory and its subdirectories.
Code: grep -r "search_string" [directory]
Example: To search for "error" in all files under `/var/log`:
Code: grep -r "error" /var/log
4. Display Line Numbers with Matches
Description: Displays the line numbers of the matching lines in the output.
Code: grep -n "search_string" [file]
Example: To search for "error" in a log file and display line numbers:
Code: grep -n "error" /var/log/syslog
5. Invert Match (Show Non-Matching Lines)
Description: Displays all lines that do not match the search string.
Code: grep -v "search_string" [file]
Example: To display all lines in a log file that do not contain "error":
Code: grep -v "error" /var/log/syslog
6. Display Only Matching Parts of Lines
Description: Displays only the parts of lines that match the search string.
Code: grep -o "search_string" [file]
Example: To display only the word "error" each time it appears in a log file:
Code: grep -o "error" /var/log/syslog
7. Count the Number of Matches
Description: Counts and displays the number of lines that match the search string.
Code: grep -c "search_string" [file]
Example: To count how many times "error" appears in a log file:
Code: grep -c "error" /var/log/syslog
8. Use Extended Regular Expressions (ERE)
Description: Enables extended regular expressions for more advanced pattern matching.
Code: grep -E "regex_pattern" [file]
Example: To search for lines that contain either "error" or "warning":
Code: grep -E "error|warning" /var/log/syslog
9. Search for Whole Words Only
Description: Matches only whole words instead of substrings.
Code: grep -w "search_string" [file]
Example: To search for the whole word "error" but not "errors":
Code: grep -w "error" /var/log/syslog
10. Show Context Lines (Before and After Matches)
Description: Displays a specified number of lines before and/or after each matching line.
Code: grep -C [num] "search_string" [file]
grep -B [num] "search_string" [file]
grep -A [num] "search_string" [file]
Example: To show 3 lines before and after each match of "error":
Code: grep -C 3 "error" /var/log/syslog
11. Suppress Output (Useful for Exit Status Only)
Description: Suppresses all output, useful when you only need to know if a match exists (exit status).
Code: grep -q "search_string" [file]
Example: To check if "error" exists in a log file without showing output:
Code: grep -q "error" /var/log/syslog
12. Print Filename with Matches
Description: Displays the name of the file where matches are found, useful when searching multiple files.
Code: grep -l "search_string" [files]
Example: To find which files in `/var/log` contain "error":
Code: grep -l "error" /var/log/*
13. Search for Files That Do Not Contain a String
Description: Displays the names of files that do not contain the search string.
Code: grep -L "search_string" [files]
Example: To find which files in `/var/log` do not contain "error":
Code: grep -L "error" /var/log/*
14. Search Compressed Files (Using zgrep)
Description: Searches within compressed files, typically using `zgrep` which behaves like `grep` but works with gzip-compressed files.
Code: zgrep "search_string" [compressed_file]
Example: To search for "error" in a gzip-compressed log file:
Code: zgrep "error" /var/log/syslog.gz
15. Highlight Matches in Color
Description: Highlights matching strings in color, making them easier to spot in the output.
Code: grep --color=auto "search_string" [file]
Example: To search for "error" and highlight matches:
Code: grep --color=auto "error" /var/log/syslog
16. Exclude Specific Files from Search
Description: Excludes certain files from being searched, useful when searching in directories.
Code: grep --exclude=[file_pattern] "search_string" [directory]
Example: To search for "error" in all files under `/var/log` except `.log` files:
Code: grep --exclude=*.log "error" /var/log/*
17. Exclude Directories from Recursive Search
Description: Excludes specific directories from being searched when performing a recursive search.
Code: grep --exclude-dir=[dir_pattern] -r "search_string" [directory]
Example: To search for "error" in `/var/log` but exclude `archive` directory:
Code: grep --exclude-dir=archive -r "error" /var/log
18. Limit the Number of Matches
Description: Stops searching after a specified number of matches are found.
Code: grep -m [num] "search_string" [file]
Example: To stop searching after finding the first 5 matches for "error":
Code: grep -m 5 "error" /var/log/syslog
19. Display Non-Matching Files (In Binary Mode)
Description: Displays files that do not contain matches, useful for binary files.
Code: grep -L -I "search_string" [files]
Example: To find binary files in `/bin` that do not contain "magic":
Code: grep -L -I "magic" /bin/*
20. Perform a Binary Search
Description: Searches for matches in binary files and displays them.
Code: grep -a "search_string" [binary_file]
Example: To search for "magic" in a binary file:
Code: grep -a "magic" /bin/somebinaryfile
Conclusion
The **grep** command is a powerful tool for searching and filtering text within files and streams, making it an essential utility in the Unix/Linux command-line toolkit. By mastering these commands, you can efficiently search, analyze, and process large amounts of text data.
Happy Searching!
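As an added example that is not part of the original post: the script below shows the difference between the `-c` line count from item 7 and an occurrence count built from `-o` (item 6), and separates the three exit statuses behind `-q` (item 11) so that an unreadable log is not reported as "no match". The log lines and the function names `make_sample_log`, `count_lines`, `count_occurrences` and `check_log` are constructed for illustration.

```shell
#!/bin/sh
# Added example: grep -c vs. grep -o counts, and grep -q exit statuses.

# Write a small constructed log to the path given in $1.
make_sample_log() {
    cat > "$1" <<'EOF'
Sep  3 02:01:11 host app[311]: error: disk full; error: write failed
Sep  3 02:01:12 host app[311]: warning: retrying
Sep  3 02:01:13 host app[311]: Error: retry failed
Sep  3 02:01:14 host app[311]: 3 errors logged
Sep  3 02:01:15 host app[311]: shutdown complete
EOF
}

# grep -c counts matching LINES: a line with two hits still counts once.
count_lines() {
    grep -c -- "$1" "$2"
}

# grep -o prints every match on its own line, so counting those lines
# gives the number of OCCURRENCES.
count_occurrences() {
    grep -o -- "$1" "$2" | wc -l | tr -d ' '
}

# grep -q exits 0 on a match, 1 on no match, and 2 (or higher) on an error
# such as a missing or unreadable file. A check that only tests for
# "non-zero" treats a log it could not read as a log without matches.
check_log() {
    rc=0
    grep -q -- "$1" "$2" 2>/dev/null || rc=$?
    case $rc in
        0) echo found ;;
        1) echo clean ;;
        *) echo unreadable ;;
    esac
}

# Demonstration on the constructed log.
log=$(mktemp)
make_sample_log "$log"
echo "lines containing 'error':  $(count_lines error "$log")"
echo "occurrences of 'error':    $(count_occurrences error "$log")"
echo "status for 'error':        $(check_log error "$log")"
echo "status for 'panic':        $(check_log panic "$log")"
echo "status for a missing file: $(check_log error "$log.missing")"
rm -f "$log"
```
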
Comprehensive List of FileKill Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 01:58 AM - Forum: Batch & Shell Scripting - No Replies
**FileKill** is a command-line utility used to delete files securely or forcefully on Windows systems. It is particularly useful for removing stubborn or locked files that cannot be deleted using standard methods. Below is a detailed list of FileKill commands, along with descriptions and examples.
1. Deleting a Single File
Description: Deletes a specified file.
Code: filekill.exe [FilePath]
Example: To delete the file `C:\Temp\unwanted.txt`:
Code: filekill.exe C:\Temp\unwanted.txt
2. Deleting Multiple Files
Description: Deletes multiple files specified by their paths.
Code: filekill.exe [FilePath1] [FilePath2] ...
Example: To delete `file1.txt`, `file2.txt`, and `file3.txt`:
Code: filekill.exe C:\Temp\file1.txt C:\Temp\file2.txt C:\Temp\file3.txt
3. Deleting Files in a Directory
Description: Deletes all files within a specified directory.
Code: filekill.exe [DirectoryPath]\*
Example: To delete all files in `C:\Temp`:
Code: filekill.exe C:\Temp\*
4. Force Deleting a File
Description: Forcefully deletes a file, even if it is locked or protected.
Code: filekill.exe -f [FilePath]
Example: To force delete `C:\Temp\lockedfile.txt`:
Code: filekill.exe -f C:\Temp\lockedfile.txt
5. Secure Deletion (Overwrite Before Deletion)
Description: Securely deletes a file by overwriting it with random data before deletion, making it unrecoverable.
Code: filekill.exe -s [FilePath]
Example: To securely delete `C:\Temp\sensitivefile.txt`:
Code: filekill.exe -s C:\Temp\sensitivefile.txt
6. Deleting All Files Matching a Pattern
Description: Deletes all files matching a specific pattern (e.g., all `.txt` files) within a directory.
Code: filekill.exe [DirectoryPath]\*.extension
Example: To delete all `.log` files in `C:\Logs`:
Code: filekill.exe C:\Logs\*.log
7. Deleting Read-Only Files
Description: Deletes files even if they are marked as read-only.
Code: filekill.exe -r [FilePath]
Example: To delete a read-only file `C:\Temp\readonlyfile.txt`:
Code: filekill.exe -r C:\Temp\readonlyfile.txt
8. Deleting Files Recursively
Description: Deletes files recursively within all subdirectories of a specified directory.
Code: filekill.exe -R [DirectoryPath]
Example: To delete all files within `C:\Temp` and its subdirectories:
Code: filekill.exe -R C:\Temp
9. Deleting Empty Files
Description: Deletes files only if they are empty (0 bytes).
Code: filekill.exe -e [DirectoryPath]\*
Example: To delete all empty files in `C:\Temp`:
Code: filekill.exe -e C:\Temp\*
10. Deleting Files Without Confirmation
Description: Deletes files without prompting for confirmation.
Code: filekill.exe -y [FilePath]
Example: To delete `C:\Temp\unwantedfile.txt` without confirmation:
Code: filekill.exe -y C:\Temp\unwantedfile.txt
11. Deleting Hidden Files
Description: Deletes files even if they are hidden.
Code: filekill.exe -h [FilePath]
Example: To delete a hidden file `C:\Temp\hiddenfile.txt`:
Code: filekill.exe -h C:\Temp\hiddenfile.txt
12. Logging Deletion Operations
Description: Logs the details of deletion operations to a specified file.
Code: filekill.exe -l [LogFilePath] [FilePath]
Example: To delete `C:\Temp\unwantedfile.txt` and log the operation to `C:\Logs\delete.log`:
Code: filekill.exe -l C:\Logs\delete.log C:\Temp\unwantedfile.txt
13. Deleting System Files
Description: Deletes files that are system-protected. Use this command with caution as it can affect system stability.
Code: filekill.exe -sys [FilePath]
Example: To delete a system file `C:\Windows\system32\protectedfile.dll`:
Code: filekill.exe -sys C:\Windows\system32\protectedfile.dll
14. Deleting Files on Next Reboot
Description: Schedules the deletion of a file on the next system reboot, useful for locked files.
Code: filekill.exe -delayed [FilePath]
Example: To delete `C:\Temp\lockedfile.txt` on the next reboot:
Code: filekill.exe -delayed C:\Temp\lockedfile.txt
15. Displaying Help Information
Description: Displays the help information for the FileKill command, listing all available options and their descriptions.
Example: To display help information for FileKill:
Conclusion
The **FileKill** command is a powerful utility for securely and forcefully deleting files on Windows systems. By mastering these commands, you can efficiently remove stubborn, locked, or protected files, ensuring they are deleted securely and permanently.
Happy Scripting!
Comprehensive List of Extract Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 01:56 AM - Forum: Batch & Shell Scripting - No Replies
The **Extract** utility is a command-line tool used primarily for extracting files from compressed archives, such as CAB (Cabinet) files, on Windows systems. Below is a detailed list of Extract commands, along with descriptions and examples.
1. Extracting a Single File from a CAB Archive
Description: Extracts a single file from a CAB archive to the current directory.
Code: extract.exe [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab`:
Code: extract.exe archive.cab example.dll
2. Extracting All Files from a CAB Archive
Description: Extracts all files contained in a CAB archive to the current directory.
Code: extract.exe /e [CabFile]
Example: To extract all files from `archive.cab`:
Code: extract.exe /e archive.cab
3. Extracting to a Specific Directory
Description: Extracts one or more files from a CAB archive to a specified directory.
Code: extract.exe /l [DestinationDirectory] [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab` to `C:\ExtractedFiles`:
Code: extract.exe /l C:\ExtractedFiles archive.cab example.dll
Note: You can use `/e` instead of specifying a file to extract all files in the archive.
4. Verifying Files in a CAB Archive
Description: Verifies that files in a CAB archive can be extracted without actually extracting them.
Code: extract.exe /t [CabFile]
Example: To verify the contents of `archive.cab`:
Code: extract.exe /t archive.cab
5. Displaying a List of Files in a CAB Archive
Description: Lists all files contained within a CAB archive without extracting them.
Code: extract.exe /d [CabFile]
Example: To display a list of files in `archive.cab`:
Code: extract.exe /d archive.cab
6. Overwriting Existing Files Without Prompting
Description: Extracts files and overwrites any existing files without prompting the user.
Code: extract.exe /y [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab` and overwrite any existing file:
Code: extract.exe /y archive.cab example.dll
7. Overwriting Specific Files Without Prompting
Description: Overwrites specific files during extraction without prompting, but only those files specified.
Code: extract.exe /a /y [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab` and overwrite it if it exists:
Code: extract.exe /a /y archive.cab example.dll
8. Displaying Help Information
Description: Displays the help information for the Extract command, listing all available options and their descriptions.
Example: To display help information for Extract:
9. Extracting with Confirmation for Overwrites
Description: Extracts files and prompts for confirmation before overwriting existing files.
Code: extract.exe /r [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab` and prompt before overwriting:
Code: extract.exe /r archive.cab example.dll
10. Extracting Files and Preserving File Attributes
Description: Extracts files from a CAB archive while preserving their original file attributes.
Code: extract.exe /p [CabFile] [FileToExtract]
Example: To extract `example.dll` from `archive.cab` and preserve its attributes:
Code: extract.exe /p archive.cab example.dll
11. Extracting Files Without Paths
Description: Extracts files from a CAB archive without including their directory paths, placing all files in the specified destination directory.
Code: extract.exe /f [CabFile] [DestinationDirectory]
Example: To extract all files from `archive.cab` to `C:\ExtractedFiles` without directory structure:
Code: extract.exe /f archive.cab C:\ExtractedFiles
12. Specifying a Source Directory for Files to Extract
Description: Specifies the source directory within the CAB archive from which to extract files.
Code: extract.exe /s [SourceDirectory] [CabFile] [FileToExtract]
Example: To extract `example.dll` from the `System32` directory within `archive.cab`:
Code: extract.exe /s System32 archive.cab example.dll
Conclusion
The **Extract** command is a powerful utility for extracting files from CAB archives and managing compressed data on Windows systems. By mastering these commands, you can efficiently manage and extract files from CAB archives, whether for system recovery, application deployment, or data management.
Happy Scripting!
Comprehensive List of ERUNT Commands with Descriptions
Posted by: Sneakyone - 09-03-2024, 01:55 AM - Forum: Batch & Shell Scripting - No Replies
**ERUNT** (Emergency Recovery Utility NT) is a utility for backing up and restoring the Windows Registry. It is particularly useful for creating registry backups that can be restored in case of system failures. Below is a detailed list of ERUNT commands, along with descriptions and examples.
1. Backing Up the Registry
Description: Creates a backup of the entire Windows Registry. By default, the backup is stored in a folder named after the current date.
Code: erunt.exe [BackupPath]
Example: To back up the registry to `C:\RegBackups`:
Code: erunt.exe C:\RegBackups
Note: If no path is specified, ERUNT will create a backup in the `C:\WINDOWS\ERDNT` directory by default.
2. Backing Up the Registry with a Custom Folder Name
Description: Creates a registry backup with a custom folder name instead of the default date-based name.
Code: erunt.exe [BackupPath]\[CustomFolderName]
Example: To back up the registry to `C:\RegBackups\MyBackup`:
Code: erunt.exe C:\RegBackups\MyBackup
3. Silent Mode Backup
Description: Performs a registry backup without displaying any prompts or confirmation dialogs.
Code: erunt.exe [BackupPath] /noconfirmdelete /noprogresswindow /days:0
Example: To silently back up the registry to `C:\RegBackups`:
Code: erunt.exe C:\RegBackups /noconfirmdelete /noprogresswindow /days:0
4. Automated Daily Backup
Description: Configures ERUNT to create daily backups automatically, storing backups in a specified directory.
Code: erunt.exe [BackupPath] /days:[NumberOfDays]
Example: To set up automated daily backups in `C:\RegBackups` and keep backups for 7 days:
Code: erunt.exe C:\RegBackups /days:7
5. Restoring the Registry from a Backup
Description: Restores the registry from a previously created backup. The restoration process should be performed from Safe Mode or from outside of Windows.
Code: erdnt.exe [BackupPath]
Example: To restore the registry from a backup located in `C:\RegBackups\20230902`:
Code: erdnt.exe C:\RegBackups\20230902
6. Restoring the Registry Silently
Description: Restores the registry without any prompts or user interaction.
Code: erdnt.exe [BackupPath] /silent
Example: To restore the registry from a backup located in `C:\RegBackups\20230902` without any prompts:
Code: erdnt.exe C:\RegBackups\20230902 /silent
7. Backing Up Only Specific Parts of the Registry
Description: Allows you to back up only specific registry hives such as `SYSTEM`, `SOFTWARE`, or `DEFAULT`.
Code: erunt.exe [BackupPath] /registry [hive1] [hive2] ...
Example: To back up only the `SYSTEM` and `SOFTWARE` hives to `C:\RegBackups\PartialBackup`:
Code: erunt.exe C:\RegBackups\PartialBackup /registry system software
8. Creating a Backup and Including the User Registry
Description: Backs up the entire registry including the user registry hives (`NTUSER.DAT`).
Code: erunt.exe [BackupPath] /user
Example: To back up the registry including the user registry to `C:\RegBackups`:
Code: erunt.exe C:\RegBackups /user
9. Restoring the Registry with the User Registry
Description: Restores the entire registry including the user registry hives.
Code: erdnt.exe [BackupPath] /user
Example: To restore the registry including the user registry from `C:\RegBackups\20230902`:
Code: erdnt.exe C:\RegBackups\20230902 /user
10. Automating the Backup Process via Task Scheduler
Description: Automates the backup process by scheduling it with Windows Task Scheduler. This is not a direct ERUNT command but can be set up using Task Scheduler.
Code: schtasks /create /tn "DailyRegistryBackup" /tr "C:\Path\To\erunt.exe C:\RegBackups /noconfirmdelete /noprogresswindow /days:7" /sc daily /st 02:00
Example: To create a daily registry backup at 2 AM:
Code: schtasks /create /tn "DailyRegistryBackup" /tr "C:\ERUNT\erunt.exe C:\RegBackups /noconfirmdelete /noprogresswindow /days:7" /sc daily /st 02:00
Conclusion
ERUNT is a valuable tool for backing up and restoring the Windows Registry. By using these commands, you can ensure that your system's registry is safely backed up and can be restored in the event of a system issue. Regular backups can prevent significant data loss and simplify recovery processes.
Happy Scripting!
Comprehensive List of DumpHive Commands with Descriptions |
Posted by: Sneakyone - 09-03-2024, 01:53 AM - Forum: Batch & Shell Scripting
- No Replies
Comprehensive List of DumpHive Commands with Descriptions
**DumpHive** is a command-line utility used to extract and analyze the contents of Windows registry hive files. Below is a detailed list of DumpHive commands, along with descriptions and examples.
1. Dumping a Hive File
Description: Extracts the contents of a specified registry hive file and dumps it into a text file.
Code: dumphive.exe [HiveFilePath] [OutputFilePath]
Example: To dump the contents of the SYSTEM hive into a text file:
Code: dumphive.exe C:\Windows\System32\config\SYSTEM C:\output\system_dump.txt
2. Dumping a Specific Key
Description: Extracts the contents of a specific registry key within a hive file.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] [RegistryKey]
Example: To dump the `HKLM\Software\Microsoft` key from the SOFTWARE hive:
Code: dumphive.exe C:\Windows\System32\config\SOFTWARE C:\output\microsoft_dump.txt "Microsoft"
3. Displaying Help Information
Description: Displays the help information for the DumpHive command.
Example: To display help information for DumpHive:
4. Parsing a SAM Hive
Description: Extracts and displays user account information from the SAM (Security Account Manager) hive.
Code: dumphive.exe C:\Windows\System32\config\SAM C:\output\sam_dump.txt
Example: To extract user account information from the SAM hive:
Code: dumphive.exe C:\Windows\System32\config\SAM C:\output\sam_dump.txt
5. Extracting Security Descriptors
Description: Extracts and displays the security descriptors from a registry hive.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -sd
Example: To extract security descriptors from the SECURITY hive:
Code: dumphive.exe C:\Windows\System32\config\SECURITY C:\output\security_sd.txt -sd
6. Extracting Last Written Time of Keys
Description: Extracts the last written time of registry keys within a hive.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -lastwritten
Example: To extract the last written time for all keys in the SYSTEM hive:
Code: dumphive.exe C:\Windows\System32\config\SYSTEM C:\output\system_lastwritten.txt -lastwritten
7. Dumping All Subkeys of a Specific Key
Description: Dumps all subkeys of a specific key in a hive to a text file.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -subkeys [RegistryKey]
Example: To dump all subkeys under `HKLM\System\CurrentControlSet` in the SYSTEM hive:
Code: dumphive.exe C:\Windows\System32\config\SYSTEM C:\output\ccs_subkeys.txt -subkeys "CurrentControlSet"
8. Dumping Values Only
Description: Dumps only the values (and not the keys) from a registry hive to a text file.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -values
Example: To dump only the values from the SOFTWARE hive:
Code: dumphive.exe C:\Windows\System32\config\SOFTWARE C:\output\software_values.txt -values
9. Extracting Data in Hexadecimal Format
Description: Extracts and displays the data from the registry hive in hexadecimal format.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -hex
Example: To extract data from the SYSTEM hive in hexadecimal format:
Code: dumphive.exe C:\Windows\System32\config\SYSTEM C:\output\system_hex.txt -hex
10. Extracting Binary Data from Registry Values
Description: Extracts binary data from specific registry values within a hive.
Code: dumphive.exe [HiveFilePath] [OutputFilePath] -binary [RegistryKey] [ValueName]
Example: To extract binary data from the `HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters` key:
Code: dumphive.exe C:\Windows\System32\config\SYSTEM C:\output\tcpip_parameters.bin -binary "Tcpip\Parameters" "BinaryValueName"
Conclusion
DumpHive is a powerful tool for extracting and analyzing the contents of Windows registry hive files. By mastering these commands, you can efficiently gather important information from registry hives for forensic analysis or system administration purposes.
Happy Scripting!
Comprehensive List of dd Commands with Descriptions |
Posted by: Sneakyone - 09-03-2024, 01:51 AM - Forum: Batch & Shell Scripting
- Replies (3)
Comprehensive List of dd Commands with Descriptions
The `dd` command is a powerful and versatile utility used in Unix-like operating systems for low-level copying and conversion of files and data. Below is a comprehensive list of common `dd` commands with descriptions and examples.
1. Basic File Copying
Description: Copies a file from one location to another. The `if` parameter specifies the input file, and the `of` parameter specifies the output file.
Code: dd if=/path/to/source/file of=/path/to/destination/file
Example: To copy `file1.txt` to `file2.txt`:
Code: dd if=file1.txt of=file2.txt
2. Creating a Bootable USB Drive
Description: Writes an ISO image to a USB drive, making it bootable.
Code: dd if=/path/to/image.iso of=/dev/sdX bs=4M status=progress
Example: To write `ubuntu.iso` to a USB drive:
Code: dd if=ubuntu.iso of=/dev/sdb bs=4M status=progress
Note: Replace `/dev/sdX` with the correct device identifier for your USB drive (e.g., `/dev/sdb`).
3. Creating a Disk Image
Description: Creates a disk image of a device or partition.
Code: dd if=/dev/sdX of=/path/to/image.img bs=4M status=progress
Example: To create an image of the `/dev/sda` disk:
Code: dd if=/dev/sda of=/backup/sda.img bs=4M status=progress
4. Restoring a Disk Image
Description: Restores a disk image to a device.
Code: dd if=/path/to/image.img of=/dev/sdX bs=4M status=progress
Example: To restore an image to the `/dev/sda` disk:
Code: dd if=/backup/sda.img of=/dev/sda bs=4M status=progress
5. Creating a Zero-Filled File
Description: Creates a file filled with zeros, often used to create a file of a specific size.
Code: dd if=/dev/zero of=/path/to/file bs=1M count=100
Example: To create a 100MB file filled with zeros:
Code: dd if=/dev/zero of=100mbfile.img bs=1M count=100
6. Writing Random Data to a File
Description: Writes random data to a file, which can be used for testing or security purposes.
Code: dd if=/dev/urandom of=/path/to/file bs=1M count=100
Example: To create a 100MB file filled with random data:
Code: dd if=/dev/urandom of=randomfile.img bs=1M count=100
7. Cloning a Disk
Description: Clones one disk to another. Useful for migrating data from one disk to another.
Code: dd if=/dev/sdX of=/dev/sdY bs=64K conv=noerror,sync status=progress
Example: To clone `/dev/sda` to `/dev/sdb`:
Code: dd if=/dev/sda of=/dev/sdb bs=64K conv=noerror,sync status=progress
8. Backing Up and Restoring the MBR (Master Boot Record)
Description: Backs up and restores the MBR, which includes the partition table and bootloader.
Code: dd if=/dev/sdX of=/path/to/mbr_backup.img bs=512 count=1
Example: To back up the MBR of `/dev/sda`:
Code: dd if=/dev/sda of=mbr_backup.img bs=512 count=1
To restore the MBR:
Code: dd if=mbr_backup.img of=/dev/sda bs=512 count=1
9. View Progress of dd Command
Description: Displays the progress of a running `dd` operation. This is particularly useful for long operations like disk cloning or imaging.
Code: dd if=/dev/sda of=/dev/sdb bs=64K conv=noerror,sync status=progress
Note: The `status=progress` option provides real-time updates on the amount of data copied.
10. Benchmarking Disk Performance
Description: Measures the read/write speed of a disk by copying data to and from `/dev/null` or `/dev/zero`.
Code: dd if=/dev/zero of=/path/to/disk bs=1G count=1 oflag=direct
dd if=/path/to/disk of=/dev/null bs=1G count=1 iflag=direct
Example: To measure the write speed:
Code: dd if=/dev/zero of=/tmp/testfile bs=1G count=1 oflag=direct
11. Converting File Format or Data
Description: Converts the format of data during copying. Common options include `conv=ucase` to convert text to uppercase and `conv=lcase` for lowercase.
Code: dd if=/path/to/input.txt of=/path/to/output.txt conv=ucase
Example: To convert all text in a file to uppercase:
Code: dd if=input.txt of=output.txt conv=ucase
12. Wiping a Disk
Description: Securely erases a disk by writing zeros or random data over it.
Code: dd if=/dev/zero of=/dev/sdX bs=1M status=progress
Example: To wipe `/dev/sda` by writing zeros over it:
Code: dd if=/dev/zero of=/dev/sda bs=1M status=progress
To wipe with random data:
Code: dd if=/dev/urandom of=/dev/sda bs=1M status=progress
13. Splitting Output into Multiple Files
Description: Splits the output into multiple files, each of a specified size.
Code: dd if=/path/to/input.file of=/path/to/output_prefix bs=1M count=100
Example: To split a large file into 100MB chunks:
Code: dd if=largefile.iso of=splitfile bs=100M
14. Skipping Bytes During Copy
Description: Skips a specified number of blocks before copying data.
Code: dd if=/path/to/input.file of=/path/to/output.file bs=512 skip=1
Example: To skip the first 512 bytes of a file:
Code: dd if=input.file of=output.file bs=512 skip=1
15. Using gzip for Compression
Description: Compresses the output using gzip while copying data.
Code: dd if=/dev/sdX | gzip > /path/to/image.gz
Example: To create a compressed disk image:
Code: dd if=/dev/sda | gzip > sda_image.gz
Conclusion
The `dd` command is an incredibly versatile tool for copying and converting data, as well
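An added example, not part of the original post: `dd` writes a single output file per invocation, so producing fixed-size chunks as in item 13 takes one run per chunk, selecting each with `skip` and `count`, and a reassembly check confirms that no bytes were lost. The function names and the constructed 2500-byte sample are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): fixed-size chunking with dd.
set -eu

# split_with_dd INPUT PREFIX CHUNK_BYTES
# Writes PREFIX.000, PREFIX.001, ... and prints how many chunks were written.
split_with_dd() {
    sd_in=$1; sd_prefix=$2; sd_chunk=$3
    sd_size=$(wc -c < "$sd_in")
    sd_total=$(( (sd_size + sd_chunk - 1) / sd_chunk ))   # ceiling division
    sd_i=0
    while [ "$sd_i" -lt "$sd_total" ]; do
        # skip=N jumps over N input blocks of bs bytes; count=1 copies one block.
        # The final chunk is simply shorter when the size is not a multiple of bs.
        dd if="$sd_in" of="$(printf '%s.%03d' "$sd_prefix" "$sd_i")" \
           bs="$sd_chunk" skip="$sd_i" count=1 2>/dev/null
        sd_i=$((sd_i + 1))
    done
    echo "$sd_total"
}

# chunks_match ORIGINAL PREFIX
# Succeeds only if the chunks, concatenated in order, are byte-identical to
# ORIGINAL. The three-digit suffix keeps glob order correct up to 1000 chunks.
chunks_match() {
    cat "$2".[0-9][0-9][0-9] | cmp -s - "$1"
}

# Constructed sample input: 2500 random bytes split into 1000-byte chunks.
# Prints "<chunk count> <size of last chunk> <yes|no>".
demo() {
    demo_dir=$(mktemp -d)
    dd if=/dev/urandom of="$demo_dir/sample.bin" bs=2500 count=1 2>/dev/null
    demo_n=$(split_with_dd "$demo_dir/sample.bin" "$demo_dir/part" 1000)
    demo_last=$(wc -c < "$demo_dir/part.002")
    chunks_match "$demo_dir/sample.bin" "$demo_dir/part" && demo_ok=yes || demo_ok=no
    rm -rf "$demo_dir"
    echo "$demo_n $((demo_last)) $demo_ok"
}

demo
```

For chunks of a disk image, comparing a cryptographic hash of the source against a hash of the concatenated chunks gives the same assurance without re-reading the source device.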
Comprehensive List of CatchMe Commands with Descriptions |
Posted by: Sneakyone - 09-03-2024, 01:49 AM - Forum: Batch & Shell Scripting
- Replies (1)
Comprehensive List of CatchMe Commands with Descriptions
CatchMe is a command-line tool used for advanced file, process, and module management, often utilized in system security and forensics. Below is a detailed list of commands available in CatchMe, along with their descriptions and usage examples.
1. -p
Description: Terminates a process by its process ID (PID).
Code: catchme.exe -p [PID]
Example: To terminate a process with PID 1234:
2. -m
Description: Enumerates and displays loaded modules within a process by its PID.
Code: catchme.exe -m [PID]
Example: To list modules loaded by a process with PID 1234:
3. -k
Description: Kills or terminates a specific process by its name.
Code: catchme.exe -k [ProcessName]
Example: To kill all instances of `notepad.exe`:
Code: catchme.exe -k notepad.exe
4. -s
Description: Suspends a process, effectively pausing its execution.
Code: catchme.exe -s [PID]
Example: To suspend a process with PID 1234:
5. -r
Description: Resumes a suspended process.
Code: catchme.exe -r [PID]
Example: To resume a process with PID 1234:
6. -l
Description: Lists all running processes on the system.
Example: To display all active processes:
7. -f
Description: Forces the deletion of a file, bypassing normal file protection mechanisms.
Code: catchme.exe -f [PathToFile]
Example: To forcefully delete `C:\malicious.exe`:
Code: catchme.exe -f C:\malicious.exe
8. -d
Description: Forces the deletion of a directory and its contents.
Code: catchme.exe -d [PathToDirectory]
Example: To forcefully delete the directory `C:\Malware`:
Code: catchme.exe -d C:\Malware
9. -rmdir
Description: Recursively deletes a directory and all its subdirectories.
Code: catchme.exe -rmdir [PathToDirectory]
Example: To recursively delete `C:\Malware` and all its subdirectories:
Code: catchme.exe -rmdir C:\Malware
10. -regdelkey
Description: Deletes a specific registry key.
Code: catchme.exe -regdelkey [RegistryKeyPath]
Example: To delete the registry key `HKLM\Software\MaliciousKey`:
Code: catchme.exe -regdelkey HKLM\Software\MaliciousKey
11. -regdelval
Description: Deletes a specific registry value.
Code: catchme.exe -regdelval [RegistryKeyPath] [ValueName]
Example: To delete the value `MaliciousValue` in the registry key `HKLM\Software\MaliciousKey`:
Code: catchme.exe -regdelval HKLM\Software\MaliciousKey MaliciousValue
12. -hide
Description: Hides a specific process from the task list.
Code: catchme.exe -hide [PID]
Example: To hide a process with PID 1234:
Code: catchme.exe -hide 1234
13. -unhide
Description: Unhides a previously hidden process.
Code: catchme.exe -unhide [PID]
Example: To unhide a process with PID 1234:
Code: catchme.exe -unhide 1234
14. -listmodules
Description: Lists all loaded modules for a specific process.
Code: catchme.exe -listmodules [PID]
Example: To list modules for a process with PID 1234:
Code: catchme.exe -listmodules 1234
15. -killall
Description: Terminates all instances of a specific process by name.
Code: catchme.exe -killall [ProcessName]
Example: To kill all instances of `explorer.exe`:
Code: catchme.exe -killall explorer.exe
16. -copyfile
Description: Copies a file to a specified location, even if the file is in use or locked.
Code: catchme.exe -copyfile [SourceFile] [DestinationFile]
Example: To copy `C:\file.txt` to `D:\backup\file.txt`:
Code: catchme.exe -copyfile C:\file.txt D:\backup\file.txt
17. -injectdll
Description: Injects a DLL into a specific process.
Code: catchme.exe -injectdll [PID] [DLLPath]
Example: To inject `C:\example.dll` into a process with PID 1234:
Code: catchme.exe -injectdll 1234 C:\example.dll
18. -fileinfo
Description: Displays detailed information about a specified file.
Code: catchme.exe -fileinfo [PathToFile]
Example: To display information about `C:\example.exe`:
Code: catchme.exe -fileinfo C:\example.exe
19. -shutdown
Description: Shuts down the computer.
Code: catchme.exe -shutdown
20. -reboot
Description: Restarts the computer.
Conclusion
CatchMe is a powerful utility for advanced process and file management, often used in system security and forensic analysis. By mastering these commands, you can effectively manage system processes, manipulate files, and interact with the Windows registry in a secure and controlled manner.
Happy Scripting!