Hello Folks,
In this write-up, we will discuss the answers for the “Windows Command Line” room which is a segment of the “Cyber Security 101” learning path. This blog covers the concepts of using Windows with the CLI interface for doing your day-to-day tasks such as file management, system information, monitoring processes, etc. Harnessing the power of CLI offers speed, efficiency, and advantages like automation and remote management.
You can access the room by clicking here.
Task 1 Introduction
This task will let you know the learning objectives and prerequisites required for the Command line interface of Windows which is essential in cyber security.
Q 1.1- What is the default command line interpreter in the Windows environment?
A 1.1- cmd.exe
Task 2 Basic System Information
This task will guide us in learning some basic but important commands like set, ver, systeminfo, more, cls, and some CLI-based operators. Using these commands we can get the information about our system.
Q 2.1- What is the OS version of the Windows VM?
A 2.1- 10.0.20348.2655
Q 2.2- What is the hostname of the Windows VM?
A 2.2- WINSRV2022-CORE
Task 3 Network Troubleshooting
CLI interface of Windows using command prompt provides various vital utilities for network configurations and troubleshooting such as ipconfig, ipconfig /all, ping, tracert, nslookup, and netstat. Each of these tools can help us perform tasks related to networking.
Q 3.1- Which command can we use to look up the server’s physical address (MAC address)?
A 3.1- ipconfig /all
Q 3.2- What is the name of the process listening on port 3389?
A 3.2- TermService
Q 3.3- What is the IP address of your gateway?
A 3.3- 10.10.0.1
Task 4 File and Disk Management
For managing the file system of Windows OS, the CLI interface offers multiple commands such as cd, dir, mkdir, rmdir, tree, copy, move, type, and erase for traversing and managing files and directories. We can also use the power of wildcards like * which will help handle multiple files and directories at once.
Q 4.1- What are the file’s contents in C:\Treasure\Hunt?
A 4.1- THM{CLI_POWER}
Task 5 Task and Process Management
For managing tasks and running processes in Windows Command Prompt, we have an important utility called tasklist which has the capability of listing and filtering various processes running on the machine. We can also terminate the running processes with taskkill command.
Q 5.1- What command would you use to find the running processes related to notepad.exe?
A 5.1- tasklist /FI “imagename eq notepad.exe”
Q 5.2- What command can you use to kill the process with PID 1516?
A 5.2- taskkill /PID 1516
Task 6 Conclusion
Q 6.1- The command shutdown /s can shut down a system. What is the command you can use to restart a system?
A 6.1- shutdown /r
Q 6.2- What command can you use to abort a scheduled system shutdown?
A 6.2- shutdown /a
You can check out our other blogs here.
Happy Pentesting!!!
Team CyberiumX