Command Line Kung Fu

---

Here is a bunch of commands that are good to bear in mind when you troubleshoot a Windows system. By knowing these you can find out a lot of information without depending on 3rd party applications.

---

arp -a

Find other systems on the same subnet that the machine has been communicating with lately.

---

ipconfig /displaydns

Useful to find out which other systems the machine have resolved using DNS.

---

net use \\[targetIP] [password] /u:[user]

Set up an SMB session. If you do not enter a password, you will be prompted for one.

---

net use * \\[targetIP]\[share] [password] /u:[user]

Mount a share on a target. Some versions of windows require you to enter the machine name before the username. net use * \\[targetIP]\[share] [password] /u:[MachineName]\[user]

---

net use \\[targetIP] /del

Drop an SMB session.

---

net use * /del

Drop all SMB sessions.

---

for /L %i in (1,1,255) do @ping –n 1 192.168.0.%i | find "Reply"

Perform a PING sweep (192.168.0.x)

---

for /L %i in (1,1,255) do @echo 192.168.0.%i: & @nslookup 192.168.0.%i 2>nul | find "Name"

Reverse DNS Lookup

---

shutdown /a

Abort system shutdown

---

findstr /s /p /d:c:\windows /m mp3 *

Find all files in c:\windows where the filename contains the string "mp3"

---

wmic /node:[IPaddress] /user:[admin] /password:[password] qfe where hotfixid="KB958644" list full

Check if a patch is installed on a remote box

---

for /L %i in (1,0,2) do @(ping -n 1 HostIPaddr || echo ^G) & ping -n 2 127.0.0.1

Ping a machine and beep if a packet is missing