Utility Commands
There are far too many command options to list here. However, there is a handy resource when looking for the command syntax for what you are trying to accomplish. Commandlinefu is an amazing repository of command strings accomplishing different tasks. Simply search for the task and see what commands have worked for others.
Linux
Open file you do not have permission for
In the folder, view owner, permissions and UID
# ls -la
Add new user
# sudo adduser pwn
Change the UID of the new user to that of the user that created the file
# sudo sed -i -e 's/[pwnUID]/[targetUID]/g' /etc/passwd
Check the new UID
# cat /etc/passwd | grep pwn
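The UID change above leaves two account names mapped to one numeric UID in /etc/passwd, which is straightforward to audit for. The check below is an added example, not part of the original page; the function name find_shared_uids and the sample passwd entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: report UIDs that more than one account in a passwd-format
# file maps to. File ownership is decided by numeric UID, so two names on
# one UID are the same user as far as permission checks are concerned.

# find_shared_uids FILE
# Prints one line per shared UID: "<uid> <name1>,<name2>,..."
find_shared_uids() {
    awk -F: '
        /^#/ || NF < 7 { next }     # skip comments, blank and malformed lines
        {
            count[$3]++
            names[$3] = (names[$3] == "" ? $1 : names[$3] "," $1)
        }
        END {
            for (uid in count)
                if (count[uid] > 1)
                    print uid, names[uid]
        }
    ' "$1" | sort -n
}

# Constructed sample input (not from a real system): "pwn" was created with
# its own UID and then rewritten to share UID 1000 with "alice".
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
pwn:x:1000:1002::/home/pwn:/bin/bash
EOF
}

tmp=$(mktemp)
sample_passwd > "$tmp"
find_shared_uids "$tmp"
rm -f "$tmp"
```

On a live host, point the function at /etc/passwd; any output other than service accounts that intentionally share a UID deserves a look, as does any non-root name on UID 0.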
RTFM: Linux Utility Commands - pg. 6
PTFM: Linux Utility Commands - pg. 78
Operator Handbook: Linux_Commands - pg. 118
Operator Handbook: Linux_tricks - pg. 147
Windows
Add user to administrator group
> net user <name> <pass> /add
> net localgroup "Administrators" <user> /add
Disable firewall
> netsh advfirewall set currentprofile state off
> netsh advfirewall set allprofiles state off
Uninstall patch to exploit a vulnerability
Display all patches
> dir /a /b c:\windows\kb*
Uninstall patch
> Wusa.exe /uninstall /kb:<###>
RTFM: Windows Utility Commands - pg. 17
RTFM: Powershell Commands - pg. 22
PTFM: Windows Utility Commands - pg. 1
Operator Handbook: Windows_Commands - pg. 328
Operator Handbook: Windows Tricks - pg. 415
MacOS
Operator Handbook: MacOS Commands - pg. 154
Operator Handbook: MacOS Tricks - pg. 189
WMIC
Impacket scripts
wmiquery.py: Issues WQL queries and retrieves descriptions of WMI objects on the target system (e.g. select name from win32_account).
wmipersist.py: Creates or removes a WMI Event Consumer and Filter, and the link between the two, to execute Visual Basic based on the WQL filter or timer spec
RTFM: WMIC Commands - pg. 20