BotHack

BotHack makes getting things done easy and fun. Delving deep into the technoweb, BotHack brings back simple and totally life-altering tips and tricks for managing your information and time. At this wild moment in the development of human-oriented technology, BotHack is your own personal early adopter, here to guide you through the onslaught of the new. The world is full of fascinating problems waiting to be solved: BotHack can help.

Sunday, August 07, 2005

Windows XP Command Line/Rundll32

Here are a few useful command line tips (this is a copy of
a post I made to a message board a while ago).
***All tools are in XP Pro, many may not be present in XP Home or WinNT***
Go Start->Run and type cmd to start command prompt, for those of you who are that ignorant ;P
List previously executed commands:
Hit F7 while in a command line window
//Try other function keys too!

Cancel shutdown (even if RPC died):
shutdown -a

Forced shutdown:
shutdown -s -f -c"" -t
Forced reboot:
shutdown -r -f -c"" -t
Kill *any* process:
Get list of processes : tasklist /svc
Kill Process : ntsd -p -c "q"

Fix flooded network:
ipconfig /flushdns
ipconfig /release
ipconfig /renew

Find out lots of stuff about network:
1) netstat -a (Connections & listening Ports)
2) netstat -r (Routing table)
3) netstat -e (Ethernet statistics)
4) nbtstat -a 127.0.0.1 (Netbios)
5) netsh (Lots of stuff)
6) openfiles
7) getmac (Media Access Control address)

Get Driver Info:
driverquery

Fix TCP/IP:
netsh int ip reset resetlog.txt

Start Task Manager with Elevated Privileges (Kill System Processes, etc): //I stole this from some blog
ntsd -hd -c "qd" taskmgr
-c "qd" tells debugger to execute 'qd' command
at the first breakpoint. -hd forces the target process to use regular heap (when the process is started under debugger the default is to use the NT debug heap. This is slower and takes up more memory)
A very sweet utility (try the examples!):
fsutil
Example: fsutil fsinfo statistics C:
Exampl2: fsutil hardlink create
grep for Windows (a "search in file" utility):
findstr <"search string"> <"file name">
Ping and tracert:
pathping
Example: pathping www.google.com

Powerful registry tool (mainly for scripters):
reg
Example: reg query HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun /s
Compare two files or sets of files:
comp /?

Manage Disk Partitions (I know it's obvious):
diskpart

View a summary of user and computer group policy settings:
gpresult

Microsoft Management Console (powerful tool indeed):
mmc

Send those annoying messages to the Messenger service
(you damn spammer): net send

Generally useful networking tool (obvious again):
net


***Rundll32 is a wonderful tool, especially for batch scripting.***
Format for using functions is :
rundll32 , , , ...
There is a tool to dump dll functions (for use with rundll32) included wi/MS VC++: dumpbin /exports
Example : dumpbin /exports C:WINDOWSsystem32user32.dll
I'd recommend : dumpbin /exports > .txt Or even better: http://www.cheztabor.com/dumpbinGUI/

***rundll32 Examples***

Learn how to mess with printers:
rundll32 PRINTUI.DLL,PrintUIEntry /?

Alternate shutdown (win32 api):
rundll32 user.exe,#7

Forced immediate logoff:
rundll32 user32.dll,ExitWindowsEx

Lock the keyboard:
rundll32 keyboard,disable

Lock mouse:
rundll32 mouse,disable

Swap mouse buttons:
rundll32 user,swapmousebutton

Display BSOD:
rundll32 user,disableoemlayer

Activate registry changes in HKEY_CURRENT_USER without restarting: rundll32 USER32.DLL,UpdatePerUserSystemParameters ,1 ,True


I played around with rundll32 some more, found some things (mostly useless) it can do:
Beep :
rundll32 user32.dll,MessageBeep

Repair IE Install :
rundll32 iesetup.dll,FixIE

Unstoppable Reboot, exiting all programs gently :
rundll32 IUENGINE.dll,EngRebootMachine

Open Device Manager :
rundll32 devmgr.dll,DevicePropertiesA

Reboot Dialog ("You must restart your computer before the new settings will take effect. Do you want to restart your computer now?") :
rundll32 IEAKENG.dll,DoReboot

Blank Error MessageBox :
rundll32 IEAKENG.dll,ErrorMessageBox

Stored User Names and Passwords (for network locations) Dialog : rundll32 keymgr.dll,KRShowKeyMgr

Password Reset Dialog (need diskette) :
rundll32 keymgr.dll,PRShowRestoreWizardW

Create Password Reset Diskette Dialog :
rundll32 keymgr.dll,PRShowSaveWizardExW

Install Modem Dialog :
rundll32 modemui.dll,InvokeControlPanel

Shutdown Dialog : rundll32 MSGINA.dll,ShellShutdownDialog


There are many more library functions listed here: http://www.ericphelps.com/batch/rundll/index.htm
For XP command line tools, check out:
http://www.microsoft.com/resources/documentation/windows
/xp/all/proddocs/en-us/ntcmds_o.mspx

Die Dulci Fruere

posted by Nitterbog @ 6:33 AM 

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home