Terminate an Application - wmic process where name="calc.exe" call terminateĬhange Process Priority - wmic process where name="explorer.exe" call setpriority 64 ![]() Start an Application - wmic process call create "calc.exe" Service Management - wmic service where caption="DHCP Client" call changestartmode "Disabled" Update static IP address - wmic nicconfig where index=9 call enablestatic("192.168.16.4"), ("255.255.255.0")Ĭhange network gateway - wmic nicconfig where index=9 call setgateways("192.168.16.4", "192.168.16.5"),(1,2)Įnable DHCP - wmic nicconfig where index=9 call enabledhcp Reboot or Shutdown - wmic os where buildnumber="2600" call reboot Get Mac Address - wmic nic get macaddress Obtain a Certain Kind of Event from Eventlog - wmic ntevent where (message like "%logon%") list briefĬlear the Eventlog (Security example) - wmic nteventlog where (description like "%secevent%") call cleareventlog ![]() Number of Logons Per USERID - wmic netlogin where (name like "%skodo") get numberoflogons ![]() Identify any local system accounts that are enabled (guest, etc.) - wmic USERACCOUNT WHERE "Disabled=0 AND LocalAccount=1" GET Name"Ĭhange Start Mode of Service - wmic service where (name like "Fax" OR name like "Alerter") CALL ChangeStartMode Disabled Look at services that are set to start automatically - wmic SERVICE WHERE StartMode="Auto" GET Name, Stateįind user-created shares (usually not hidden) - wmic SHARE WHERE "NOT Name LIKE '%$'" GET Name, Pathįind stuff that starts on boot - wmic STARTUP GET Caption, Command, User Spot Odd Executables - wmic PROCESS WHERE "NOT ExecutablePath LIKE '%Windows%'" GET ExecutablePath
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |