Getting Started with Windows Command Prompt

Preface

There is a lot to know about Windows, but knowledge of the Windows command line will be of use to a cyber operation, blue or red.

By default, there are two types of command lines to use on Windows: CMD.exe and PowerShell.

CMD.exe is admittedly less powerful than PowerShell, but it is really useful to know. What if you are in an environment that does not allow the use of PowerShell? Your next best bet is to use CMD.exe. What if you need to perform more complex operations in an efficient manner? PowerShell is perfect for that. What you use should depend on what is available and what you are trying to do.

I will cover PowerShell in another post.

CMD.exe

help will invoke a list of all built-in commands.

help | more will pipe the output of help into the more command so that you can view the commands one screenful at a time.

<command> /? will bring up switches (flags) and other parameters that can be used with the command

  • e.g., dir /? will list a lot more information about the command

Generally, help <command> and <command> /? will bring up the <command>

Interestingly, the help you receive from running <command> /? varies depending on “how far” you are into the command.

For example:

fsutil /? will provide a list of parameters and sub-commands to run along with it. But what if you don’t know how to utilize this information?

Let us use the sub-command file

fsutil file /? invokes another list of information that is specific to fsutil file

fsutil file createNew /? will display the usage of this specific command sequence, which is: fsutil file createNew <filename> <length>

Very interesting.

Why Use The help Utility When The Internet Exists?

Personally, I think that the internet is usually a better resource for learning about anything. However, the documentation, while not always the most informative, is actually really helpful.

It is also helpful to know how to read the manuals and documentation built into the shell if you have no access to the internet.

What if you are in an environment that doesn’t allow internet access? This is the perfect scenario to use the help utility and /? switch.

Basic Commands

dir is used to list the contents of a directory

cd and chdir are used to change directories using either a relative path or an absolute path

  • cd with no arguments will print the current working directory

whoami displays your current user information

  • /priv is useful for seeing what privileges the current user has

type will print out the contents of a file

fsutil can be used to create files, among many other things

Creating files in cmd.exe is a little annoying. But if you need a text file, you can do:

echo "" > file.txt

Deleting Files

del and erase can both delete files. You can specify a directory, a filename, a list of names, or even a specific attribute to target (e.g., delete all read-only files) when deleting files.

del <file.txt>

del one.txt two.txt

erase one.txt two.txt three.txt

all do the same thing

dir /A:R displays read-only files in directory

help del shows option to delete files based on attributes

del /A:R * deletes all read-only files

dir /A:H list all hidden files

del /A:H * delete all hidden files

Copying and Moving Files

copy

copy <source> <destination>

copy secrets.txt C:\users\student\hidden-dir\not-so-secret-now.txt

will copy the file, and then the sub-process running the command exits

The /V switch turns on file validation, which makes sure that the file was actually copied

copy /V secrets.txt C:\users\student\here\lol.txt

move can move files and directories from one place to another and rename them (if you want)

move hw.pdf C:\users\whatzitooya\hw_folder\

I/O

operators

  • >
    • push output of previous command to something else
    • overwrite a file
    • create new file
  • >>
    • append to file
  • <
    • provide input to the command on the left of <
    • find /i "see" < test.txt
      • /i case-insensitive
      • similar to findstr. findstr has more stuff, like regex
  • &
    • run next command regardless of previous command success/failure
    • kind of like doing <command>; <command> in bash
  • &&
    • same behavior as && in bash
  • |
    • direct output to another command
    • ipconfig /all | find /i "IPv4"
  • ||
    • same as bash
    • run next command if previous failed
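
The operators above combined in one batch script, as an added example that is not part of the original post. It reuses whoami /priv, ipconfig /all and find /i from this page; the report file name and the choice of SeDebugPrivilege as the string to search for are assumptions made for the example.

```batch
@echo off
rem Added example: collect basic host information using the operators above.
rem The report path below is constructed for this example.
setlocal
set "REPORT=%TEMP%\cmd-operators-demo.txt"

rem > creates the file, or overwrites it if it already exists
echo Report for %COMPUTERNAME% > "%REPORT%"

rem >> appends to the file instead of overwriting it
whoami >> "%REPORT%"
whoami /priv >> "%REPORT%"

rem | sends ipconfig's output to find; >> appends only the matching lines
ipconfig /all | find /i "IPv4" >> "%REPORT%"

rem < feeds the report to find as input, and > nul discards the matched lines.
rem && runs the echo only when find matched (exit code 0).
rem || runs the echo only when find did not match (non-zero exit code).
find /i "SeDebugPrivilege" < "%REPORT%" > nul && echo SeDebugPrivilege is listed for this user
find /i "SeDebugPrivilege" < "%REPORT%" > nul || echo SeDebugPrivilege is not listed for this user

rem & runs the second command no matter how the first one ended
type "%REPORT%" & echo Report saved to %REPORT%
endlocal
```

Save it as a .bat file and run it from CMD.exe; running it twice shows that > resets the report while >> only ever adds to it.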
This post is licensed under CC BY 4.0 by the author.