# base | |
key in 'cmd' in the address of file explorer to open cmd | |
ctrl + left click to open new window | |
# hotkey | |
esc // clear input | |
# common | |
C: // go to C drive | |
D: // go to D drive | |
cd <path> // change directory in the same drive | |
cd /D <path> // change directory to D drive | |
cd // if no <path> given, then like linux pwd | |
copy /? // like linux cp | |
copy <src-path> <dst-path> | |
cls // like linux clear | |
dir // like linux ll | |
dir /s/b // s: all subdirectories, b: bare format (no heading information or summary) | |
dir /s/b *.dll *.exe | |
type // like linux cat | |
where // like linux which | |
mkdir /? | |
mkdir <directory-path> | |
mkdir <level1>\<level2>\... // ex. mkdir a\b\c\d\e | |
echo 100 | |
echo. // empty line | |
echo 1 > a.txt | |
echo 2 >> a.txt | |
notepad | |
notepad a.txt | |
rmdir /? // rmdir <=> rd | |
rmdir <directory-path> | |
rmdir /s/q <directory-path> // ps. /s/q cannot be /sq | |
rmdir /s/q . // remove all contents of the current folder | |
del /? | |
del <file> | |
move <src-path> <dist-path> | |
move *.txt <dist-path> | |
tar -h | |
tar -zxvf <local-file-path.tar.gz> -C <change-to-some-dir> // x: extract, v: verbose, f: file, -C: change to directory (must exist) | |
tar -zcvf <local-file-path.tar.gz> <file-path1> [file-path2 ...] // c: create a new archive | |
tree /? | |
tree <directory-path> // like linux tree | |
tree /f /a <directory-path> // f: show fileName in directory, a: use ascii | |
explorer . // open a folder with current path | |
explorer C:\Windows // open a folder with path | |
explorer "C:\Program Files" // open a folder with path including space | |
start /? | |
start // open a new terminal | |
start . // open a folder with current path | |
start C:\Windows // open a folder with path | |
start "" "C:\Program Files" // open a folder with path including space | |
start nginx.exe // run nginx.exe in the current directory | |
shutdown /? | |
shutdown /l // l: logout | |
shutdown /s /t 0 /f // s: shutdown, t: delay time (seconds), f: force | |
shutdown /r /t 0 /f // r: restart | |
runas /? | |
runas /user:<user> <program> // run program as specific user | |
runas /user:administrator cmd.exe | |
chcp 65001 // chcp: change code page, 65001: UTF8, 950: Big5 (default) | |
curl -h // this is not the full help, this menu is stripped into categories | |
curl -h category // list an overview of all categories | |
curl -h <category> | |
curl -h auth | |
curl -h connection | |
curl -h curl | |
curl -h tls | |
curl -h all // list all options | |
curl -X <method> -H <header> -F <form> <url> | |
curl -X POST -H "Authorization: Bearer xxx" -F "message=yyy" https://notify-api.line.me/api/notify // need " not ' | |
sleep <seconds> | |
timeout /? | |
timeout /t <seconds> // /t <=> /T | |
timeout /t <seconds> /nobreak | |
timeout /t 3 | |
timeout /t 3 /nobreak | |
timeout /t -1 | |
timeout /t -1 /nobreak | |
date /? | |
date // set the date | |
date /t // /t <=> /T, show the date | |
time /? | |
time // set the time | |
time /t // /t <=> /T, show the time | |
msg /? // send a message to one or more users on the local or network | |
msg <username|sessionName|sessionId> <message> | |
msg * "Hello World" // *: send message to all sessions on specified server | |
msg * /V "Hello World" // V: display information about actions being performed | |
msg * /V /W "Hello World" // W: wait for response from user, useful with /V | |
pause // suspend processing of a batch program and display the message: Press any key to continue . . . | |
echo Enter any key to go && pause >nul // change the pause message | |
NOTE: @echo off vs. echo off | |
- case1: hide the prompt of the following command including itself | |
@echo off | |
echo 100 | |
echo 200 | |
echo 300 | |
pause | |
- case2: hide the prompt of the following command | |
echo off | |
echo 100 | |
echo 200 | |
echo 300 | |
pause | |
- case3: :: is a comment | |
::echo off | |
echo 100 | |
echo 200 | |
echo 300 | |
pause | |
# winrm / winrs | |
--- concept --- | |
ws-management (ws: webservice) is a specification of a soap-based protocol for the management of servers, devices, applications ... | |
windows remote management (aka. winrm) is microsoft implementation of ws-management | |
--- situation --- | |
computer A ------> computer B | |
- A & B is the same domain, and login user is administrator | |
- A & B is the same domain, and login user isn't administrator | |
- A & B isn't the same domain, and login user is administrator | |
- A & B isn't the same domain, and login user isn't administrator | |
*** winrm *** (windows remote management, server) | |
winrm /? | |
winrm e /? | |
winrm e winrm/config/listener // e <=> enumerate, list all instances of a management resource | |
winrm g /? | |
winrm g winrm/config // g <=> get, retrieving management information | |
winrm g winrm/config/client | |
winrm g winrm/config/service/auth | |
winrm qc /? | |
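winrm qc // qc <=> quickconfig: starts the winrm service (auto-start), creates an http listener and adds a firewall exception, so run it only on machines that should accept remote management | |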
*** winrs *** (windows remote shell, client) | |
winrs /? | |
winrs -r:<server-name> -u:<domain>\<user> <xxx.exe> | |
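winrs -r:<server-name> -u:<domain>\<user> -p:<password> <xxx.exe> // -p puts the password on the command line (visible in process listings); omit -p to be prompted instead | |
winrs -r:http://<server-name>:5985 -u:<domain>\<user> -p:<password> <xxx.exe> // 5985: default winrm http port (the https listener default is 5986) | |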
=> ref: https://techgenix.com/how-windows-server-2008-winrm-winrs/ | |
=> ref: https://dirteam.com/sander/2008/02/23/remotely-managing-your-server-core-using-winrm-and-winrs/ | |
Q: check winrm | |
winrm e winrm/config/listener | |
winrm g winrm/config | |
sc query winrm // check the 'winrm' service is running or not | |
net localgroup "Remote Management Users" // TODO | |
Q: a user who isn't an administrator remotely logs in to a computer in the same domain | |
TODO | |
Q: a user who is an administrator remotely logs in to a computer that isn't in the same domain | |
TODO | |
Q: passwordless remotely login | |
=> ref: https://serverfault.com/questions/987648/passwordless-auth-for-winrm | |
Q: configure winrm over https | |
=> ref: https://www.youtube.com/watch?v=9D3v9iythwM | |
TODO | |
https://docs.microsoft.com/zh-tw/powershell/scripting/learn/remoting/winrmsecurity?view=powershell-7.2 | |
https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management | |
https://docs.microsoft.com/en-us/windows/win32/winrm/authentication-for-remote-connections | |
# info. | |
whoami /? | |
whoami | |
whoami /upn | |
whoami /fqdn | |
whoami /logonid | |
whoami /user | |
whoami /groups | |
whoami /groups /fo table // fo: format output (table is default) | |
whoami /groups /fo list | |
whoami /groups /fo csv | |
whoami /groups /nh // nh: no header | |
whoami /all | |
hostname | |
systeminfo | |
ver | |
winver | |
dsregcmd /? | |
dsregcmd /status | |
# process | |
tasklist /? | |
tasklist /v // v: verbose | |
tasklist /v /fi "<filter-name> <operator> <value>" // fi: filter | |
tasklist | findstr xxx | |
taskkill /? | |
taskkill /fi "<filter-name> <operator> <value>" [/f] // f: force | |
taskkill /pid <pid> | |
taskkill /im <xxx.exe> | |
=> ref: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/tasklist | |
# common variable | |
echo %PATH% // like linux echo $PATH | |
echo %PATH:;=&echo.% // each one on a new line | |
echo %HOMEDRIVE% // C: | |
echo %HOMEPATH% // \Users\<user> | |
echo %USERDOMAIN% | |
echo %USERNAME% | |
echo %USERPROFILE% // C:\Users\<user>, like linux ~ (home directory path) | |
echo %SYSTEMROOT% | |
echo %windir% | |
echo %JAVA_HOME% | |
echo %CD% | |
echo %LOGONSERVER% | |
echo %PROCESSOR_ARCHITECTURE% | |
=> ref: https://docs.microsoft.com/en-us/windows/deployment/usmt/usmt-recognized-environment-variables | |
# text (findstr) | |
findstr /? | |
findstr <string> <filename> | |
findstr 2022 a1.txt // find 2022 in a1.txt | |
findstr 2022 a1.txt a2.txt // find 2022 in a1.txt, a2.txt | |
findstr "2022 2018" a1.txt // find 2022 or 2018 in a1.txt | |
findstr /c:"2022 2018" a1.txt // find string "2022 2018" in a1.txt | |
=> ref: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/findstr | |
# network | |
ipconfig /? | |
ipconfig // like linux ifconfig | |
ipconfig /all // display full configuration information | |
ipconfig /displaydns // display the contents of the dns resolver cache | |
ipconfig /flushdns // purge the dns resolver cache | |
ping /? | |
ping <ip> // ping pong by icmp | |
ping <name> // before icmp, need to resolve name | |
arp /? | |
arp -a // list all arp cache | |
arp -d // delete arp cache | |
netstat -h | |
netstat -an | find "80" // ps. "80" cannot be '80' or 80 | |
netstat -ano | findstr 80 | |
nbtstat /? // abbr of NetBIOS over TCP/IP Statistics | |
nbtstat -c // list all netbios cache | |
nbtstat -R // delete netbios cache (ps. need run as administrator) | |
getmac | |
# route | |
route /? | |
route print | |
route add <destination> mask <mask> <gateway-ip> | |
route delete <destination> | |
# service | |
sc /? | |
sc <command> <service-name> | |
sc query // list all services | |
sc query <service-name> | |
sc qc <service-name> // qc: query configuration | |
sc qsidtype <service-name> // qsidtype: query sid type | |
sc delete <service-name> | |
net start // list all running services | |
net start <service-name> | |
net stop <service-name> | |
=> ref: https://hweily.pixnet.net/blog/post/22586405 | |
# net | |
net /? | |
net help | |
net help names // explain different types of names in NET HELP syntax lines | |
net help syntax // explain how to read NET HELP syntax lines | |
net help services // list some of the services you can start | |
net help <command> | |
=> ref: https://ocean2002n.pixnet.net/blog/post/88734895 | |
net help user | |
net user /? | |
net user // list the user accounts for the computer | |
net user <user> // show the specified user | |
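net user <user> <password> /add // the password is typed in clear text on the command line; use * in place of <password> to be prompted for it | |
net user <user> <password> // change password (* in place of <password> prompts for it) | |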
net user <user> /delete | |
net help accounts | |
net accounts /? | |
net accounts // display the current settings for password, logon limitations, and domain information | |
net help localgroup | |
net localgroup /? | |
net localgroup // display the local groups on the computer | |
net localgroup <localgroup> // show the specified localgroup | |
net localgroup "Remote Desktop Users" | |
net localgroup "Remote Management Users" | |
net localgroup <localgroup> /comment:<text> // if text contains space, use /comment:"<text>" | |
net localgroup <localgroup> /add | |
net localgroup <localgroup> /delete | |
net localgroup <localgroup> <user>[ <user> ...] /add // separate multiple entries with a space | |
net localgroup <localgroup> <user>[ <user> ...] /delete // separate multiple entries with a space | |
net help share | |
net share /? | |
net share // list information about all resources being shared on the computer | |
net help use | |
net use // list all computer's connections | |
net use \\server\shared_folder <password> /user:<user> // add a connection (use * in place of <password> to be prompted instead of typing it on the command line) | |
net use \\server\shared_folder /delete // delete a connection | |
net use z: \\server\shared_folder <password> /user:<user> // add a connection as a network disk (ex. z:) | |
net use z: /delete // delete a network disk (ex. z:) | |
Q: after delete a connection, still available use | |
A: if you want to delete cached credentials, you need to restart explorer.exe | |
taskkill /f /im explorer.exe && explorer // im: imagename | |
=> ref: https://serverfault.com/questions/451387/how-to-delete-cached-temporarily-credentials-for-a-network-share-on-a-windows-ma | |
if the above doesn't work, then try | |
net stop workstation | |
net start workstation | |
=> https://serverfault.com/a/486506/970347 | |
# bcdedit (boot configuration data store editor) | |
bcdedit /? | |
bcdedit /? <command> | |
bcdedit /? /enum | |
bcdedit /? /set | |
bcdedit /? /v | |
bcdedit // the /enum command is the default, so running "bcdedit" without parameters is equivalent to running "bcdedit /enum ACTIVE" | |
bcdedit /enum // list entries in a store | |
bcdedit /enum <type> // type: ACTIVE, FIRMWARE, BOOTAPP, BOOTMGR, OSLOADER, RESUME, INHERIT, ALL | |
bcdedit /enum ACTIVE | |
bcdedit /enum <type> /v // /v: display entry identifiers in full, rather than using names for well-known identifiers | |
bcdedit /enum ACTIVE /v | |
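bcdedit /set hypervisorlaunchtype off // needs an elevated cmd and a reboot; with the hypervisor off, Hyper-V, wsl2 and virtualization-based security features (ex. Credential Guard) do not run; revert with 'bcdedit /set hypervisorlaunchtype auto' | |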
NOTE: introduction of bcdedit | |
The Bcdedit.exe command-line tool modifies the boot configuration data store. | |
The boot configuration data store contains boot configuration parameters and | |
controls how the operating system is booted. These parameters were previously | |
in the Boot.ini file (in BIOS-based operating systems) or in the nonvolatile | |
RAM entries (in Extensible Firmware Interface-based operating systems). You can | |
use Bcdedit.exe to add, delete, edit, and append entries in the boot | |
configuration data store. | |
# wmic (windows management instrumentation command-line) | |
*** wmic is deprecated *** | |
wmic /? | |
wmic computersystem get Model, Name, Manufacturer, SystemType | |
wmic os get Caption, Version, BuildNumber, Manufacturer | |
wmic nic get Name, Speed, NetConnectionID | |
wmic diskdrive get Model, Size, InterfaceType | |
wmic memorychip get Capacity, DeviceLocator, Speed | |
wmic cpu get Name, Caption, MaxClockSpeed | |
wmic path win32_videocontroller get Caption, VideoModeDescription, AdapterRAM | |
wmic partition get DeviceID, Size, Type | |
# wsl2 (windows subsystem for linux) | |
wsl --status | |
wsl -l // -l <=> --list | |
wsl -l -v // -v <=> --verbose | |
wsl -l -q // -q <=> --quiet | |
wsl -l -o // -o <=> --online, display a list of available distributions for install with 'wsl --install' | |
wsl --install -d <distro> // -d <=> --distribution | |
wsl // run the default distribution | |
wsl -d <distro> // -d <=> --distribution, run the specified distribution | |
wsl -d <distro> -u <username> // -u <=> --user, run as the specified user | |
wsl -d <distro> --cd <directory> // set the specified directory as the current working directory | |
wsl --shutdown // immediately terminate all running distributions and the wsl 2 lightweight utility virtual machine | |
NOTE: how to install | |
=> ref: https://gist.github.com/hochun836/7ff4451c6afd09c05cf44f7855b8c11e#file-docker-cmd-L18 | |
NOTE: open by file explorer | |
\\wsl$ | |
# java | |
set PATH=C:\Program Files\Java\jdk-11.0.18+10\bin;%PATH% // for temp | |
set JAVA_HOME=C:\Program Files\Java\jdk-11.0.18+10 // for temp | |
java -version | |
echo %JAVA_HOME% | |
# dotnet | |
curl https://dot.net/v1/dotnet-install.ps1 -o %HOMEPATH%\Downloads\dotnet-install.ps1 -L | |
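powershell %HOMEPATH%\Downloads\dotnet-install.ps1 // this executes a script that was just downloaded; read it before running it | |
setx PATH "%PATH%;%LOCALAPPDATA%\Microsoft\dotnet" // IMPORTANT: setx truncates values longer than 1024 characters; %PATH% expands to system + user entries, so this also copies the system PATH into the user PATH | |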
dotnet --info | |
=> ref: https://learn.microsoft.com/en-us/dotnet/core/tools/dotnet-install-script | |
=> ref: https://blog.darkthread.net/blog/setx-1024-limit/ | |
# nvm (node version manager) | |
nvm version | |
nvm list // list the node.js installations | |
nvm list available // see what can be installed | |
nvm install 16.13.2 | |
nvm use 16.13.2 | |
=> ref: https://github.com/coreybutler/nvm-windows | |
# iis | |
iisreset /? | |
iisreset /status | |
iisreset /restart | |
Q: after deploy to iis, why my program cannot see updated environment variable PATH ? | |
A: TODO (https://serverfault.com/questions/193609/make-iis-see-updated-environment-path-variable) | |
# nginx | |
nginx -h | |
nginx -v // show version and exit | |
nginx -V // show version and configure options then exit | |
nginx -t // test configuration and exit | |
nginx -T // test configuration, dump it and exit | |
nginx -s <signal> // send signal to a master process: stop, quit, reopen, reload | |
nginx -s stop // stop is a quick shutdown. | |
nginx -s quit // quit is a graceful shutdown. nginx finishes serving the open connections before shutdown. | |
nginx -s reopen // reopen a log file to split the older log file | |
start nginx.exe | |
type logs\access.log | |
type logs\error.log | |
type logs\nginx.pid // record the pid of the master process (not worker processes) | |
type conf\nginx.conf | |
=> ref: https://www.w3study.wiki/a/202110/1131918.html | |
# nssm (non-sucking service manager) | |
nssm install [service-name] // open add gui | |
nssm edit <service-name> // open edit gui | |
nssm status <service-name> | |
nssm remove <service-name> | |
# proxy | |
ngrok -h | |
ngrok -v | |
ngrok http 8080 | |
cloudflared -h | |
cloudflared -v | |
cloudflared tunnel -h | |
cloudflared tunnel list -h | |
cloudflared tunnel list | |
cloudflared tunnel info -h | |
cloudflared tunnel info <tunnel-name> | |
cloudflared tunnel create -h | |
cloudflared tunnel create <tunnel-name> | |
cloudflared tunnel route -h | |
cloudflared tunnel route dns -h | |
cloudflared tunnel route dns <tunnel-name> <hostname> | |
# other | |
osk // on screen keyboard | |
gow // gnu on windows | |
gow -h // -h <=> --help | |
gow -l // -l <=> --list, list all executables | |
=> ref: https://github.com/bmatzelle/gow | |
# [note] change prompt text | |
prompt $d $t $_$P$G | |
=> ref: https://stackoverflow.com/questions/673523/how-do-i-measure-execution-time-of-a-command-on-the-windows-command-line | |
# [note] Run (aka. 執行) hotkey | |
win + r | |
# [note] Run | |
regedit (登錄編輯程式) | |
mmc (主控台) | |
dxdiag (DirectX 診斷工具) | |
msinfo32 (系統資訊) | |
msconfig (系統設定) | |
mspaint (小畫家) | |
mstsc (遠端桌面連線) | |
calc (小算盤) | |
notepad (記事本) | |
control (控制台) | |
control keymgr.dll (認證管理員) // 控制台\使用者帳戶\認證管理員 | |
control /name Microsoft.CredentialManager (認證管理員) | |
control /name Microsoft.WindowsFirewall (Windows Defender 防火牆) | |
explorer (檔案總管) // alternatively, win + e | |
cmd | |
powershell | |
powershell -NoProfile | |
powershell -NoLogo | |
powershell_ise | |
pwsh (PowerShell 7) | |
pwsh -NoProfile | |
pwsh -NoLogo | |
servermanager (伺服器管理員, windows server only) | |
inetmgr (Internet Information Services (IIS) 管理員) | |
taskmgr (工作管理員) | |
resmon (資源監視器) | |
recent // open a file explorer which path is C:\Users\<user>\Recent | |
rundll32 shell32.dll,Control_RunDLL desk.cpl,,0 (桌面圖示設定) | |
rundll32 keymgr.dll,KRShowKeyMgr (已儲存的使用者名稱和密碼) | |
=> observer: Task Manager 'Details' tab | |
=> IMPORTANT: C:\Windows\System32 (this is in %PATH%) | |
=> ref: https://www.tenforums.com/tutorials/86339-list-commands-open-control-panel-items-windows-10-a.html | |
taskschd.msc (工作排程器) | |
eventvwr.msc (事件檢視器) | |
compmgmt.msc (電腦管理) | |
diskmgmt.msc (磁碟管理) | |
certlm.msc (憑證 - 本機電腦) | |
certmgr.msc (憑證 - 目前的使用者) | |
gpedit.msc (本機群組原則編輯器) | |
secpol.msc (本機安全性原則) | |
services.msc (服務) | |
wf.msc (具有進階安全性的 Windows Defender 防火牆) | |
=> observer: Task Manager 'Details' tab | |
=> IMPORTANT: C:\Windows\System32\mmc.exe | |
appwiz.cpl (控制台\程式集\程式和功能) | |
sysdm.cpl (系統內容) | |
main.cpl (滑鼠 - 內容) | |
shell:startup (C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup) | |
shell:sendto (C:\Users\<user>\AppData\Roaming\Microsoft\Windows\SendTo) | |
shell:appsfolder (Applications) | |
<local-path> | |
\\<ip> | |
\\<ip>\<shared_folder> | |
\\<ip>\c$ | |
# [note] regedit (登錄編輯程式) | |
Computer\HKEY_CURRENT_USER\Environment | |
Computer\HKEY_CURRENT_USER\Control Panel\Desktop | |
Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Wallpapers | |
Computer\HKEY_LOCAL_MACHINE\SAM\SAM | |
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles | |
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run | |
Computer\HKEY_USERS\<SID>\Environment | |
# [note] gpedit.msc (本機群組原則編輯器) | |
Computer Configuration > Administrative Templates > System > Run > Logon > These Programs at User Logon | |
# [note] secpol.msc (本機安全性原則) | |
--- | |
secpol.msc is under gpedit.msc | |
Computer Configuration > Windows Settings > Security Settings | |
--- | |
Security Settings > Local Policies > User Rights Assignment > Shut down the system | |
# [note] taskschd.msc (工作排程器) | |
=> ref: https://ithelp.ithome.com.tw/articles/10276390 | |
IMPORTANT: | |
debug by eventvwr.msc (事件檢視器) // Windows Logs -> Application | |
# [note] auto execute a .exe when the computer start | |
using 'services.msc', 'Startup type' of the service is 'Automatic' | |
IMPORTANT: | |
we can find log from 'Event Viewer' (事件檢視器) // Windows Logs -> Application | |
# [note] auto execute a .exe when any user logon on | |
- way1 | |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp | |
- way2: regedit | |
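Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run // 32-bit view of the key; the 64-bit key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Every value here is started at each user's logon, so review these keys when auditing autostart entries | |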
- way3: gpedit.msc | |
Computer Configuration > Administrative Templates > System > Run > Logon > These Programs at User Logon | |
# [note] auto execute a .exe when a specified user logon on | |
- way1 | |
C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup | |
# [note] backinfo.exe | |
reg add "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run" /v "BackInfo" /d "C:\software\Backinfo\BackInfo.exe" | |
=> link: https://cloudrun.co.uk/wp-content/uploads/2013/07/Backinfo.zip | |
=> ref: https://cloudrun.co.uk/server/backinfo-desktop-background/ | |
# [note] where is the record of desktop background (aka. wallpaper) | |
Run regedit | |
Computer\HKEY_CURRENT_USER\Control Panel\Desktop | |
Wallpaper | |
=> ref: https://www.winhelponline.com/blog/find-current-wallpaper-file-path-windows-10/ | |
# [note] add fscapture.exe to the context menu (aka. right-click menu) | |
reg add "HKCR\*\shell\FastStone Capture" | |
reg add "HKCR\*\shell\FastStone Capture" /v Icon /t REG_EXPAND_SZ /d "C:\Program Files (x86)\FastStone Capture\Icon1.ico" | |
reg add "HKCR\*\shell\FastStone Capture\command" /ve /d "\"C:\Program Files (x86)\FastStone Capture\FSCapture.exe\" \"%1\"" | |
# [note] edit regedit | |
where reg | |
reg /? | |
reg query /? | |
reg query <keyname> // keyname (aka. 機碼): [\\machine\]rootkey\subkey | |
machine: default value is the current computer | |
rootkey: HKLM | HKCU | HKCR | HKU | HKCC | |
reg query <keyname> /v <valuename> | |
reg query "HKCU\Control Panel\Desktop" // if keyname contains space, then need "" | |
reg query "HKCU\Control Panel\Desktop" /v WallPaper | |
reg add /? | |
reg add <keyname> /d <data> // <=> reg add <keyname> /ve /d <data> | |
reg add <keyname> /ve /d <data> // adds an empty valuename (aka. (預設值)) for the key | |
reg add <keyname> /ve // empty the empty valuename | |
reg add <keyname> /v <valuename> /d <data> | |
reg add <keyname> /v <valuename> /d <data> /t <type> // type: REG_SZ | REG_MULTI_SZ | REG_EXPAND_SZ | REG_DWORD | REG_QWORD | REG_BINARY | REG_NONE (default: REG_SZ) | |
reg add <keyname> /v <valuename> /d <data> /t <type> /f // f: force | |
reg add "HKCU\Control Panel\Desktop" /v WallPaper /d C:\pic1.png /f | |
# [note] edit user rights assignment | |
ntrights /? // 'right' is just 'privilege' | |
ntrights -u <user> -r <right> // revoke the right | |
ntrights -u <user> +r <right> // grant the right | |
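=> link: https://www.tenforums.com/attachments/tutorial-test/142289d1499096195-change-user-rights-assignment-security-policy-settings-windows-10-a-ntrights.zip // ntrights.exe is not built into windows and this is a forum-hosted copy; check where the binary comes from before running it elevated | |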
=> ref: https://www.tenforums.com/tutorials/88118-change-user-rights-assignment-security-policy-settings-windows-10-a.html | |
# [note] change network from public to private | |
=> ref: https://www.isunshare.com/windows-10/change-network-from-public-to-private-in-windows-10.html | |
# [note] list users currently logged on | |
query user | |
=> ref: https://www.manageengine.com/products/active-directory-audit/kb/how-to/how-to-list-users-currently-logged-on-to-windows-server-2008.html | |
# [note] rdp (remote desktop protocol) | |
a windows based protocol | |
- allows remote logon (disabled by default) | |
- allows up to 2 users logon at the same time | |
- disallows the same user logon at the same time | |
IMPORTANT: | |
- a user remote logon doesn't get the newest access_token if that user doesn't sign out | |
- 'disconnect' isn't equal to 'sign out' (a disconnected session keeps running on the server) | |
PS. rdp port | |
Run regedit | |
keyname: Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\WinStations\RDP-Tcp | |
valuename: PortNumber | |
data: 3389 | |
NOTE: remove rdp connection entries from "Remote Desktop Connection" client | |
reg query "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" | |
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /v MRU2 // MRU0 ~ MRU9 | |
=> ref: https://howtomanagedevices.com/windows-10/4679/how-to-remove-rdp-connection-entries-from-windows-rd-client/ | |
# [note] track process create or stop | |
Run gpedit.msc | |
Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy | |
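Audit process tracking // once enabled, process creation is logged as event 4688 and process exit as event 4689 in eventvwr.msc > Windows Logs > Security | |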
=> ref: https://superuser.com/questions/1052541/how-can-i-get-a-history-of-running-processes | |
# [note] order of resolve name | |
- ping <name> | |
- C:\Windows\System32\drivers\etc\hosts | |
- dns (Domain Name System) | |
- nbns (NetBIOS Name Service) | |
- nslookup <name> | |
- dns (Domain Name System) | |
# [note] nslookup | |
nslookup /? | |
nslookup <domain> // resolve domain to ip (using default server) (default -type=a) | |
nslookup <domain> <server> // resolve domain to ip (using specified server) (default -type=a) | |
nslookup -type=ptr <ip> // resolve ip to domain (using default server) | |
nslookup -type=ptr <ip> <server> // resolve ip to domain (using specified server) | |
// enter interactive mode | |
nslookup // using default server | |
nslookup - <server> // using specified server | |
nslookup - 8.8.8.8 // using google primary dns server | |
> help | |
> set type=<type> // type: a, cname, ptr ... | |
> <ip|domain> | |
> exit | |
# [note] link type | |
junction | |
soft link (symlink) | |
hard link | |
... | |
=> ref: https://blog.miniasp.com/post/2009/02/11/Using-Junction-tool-to-make-symbolic-links-in-Windows | |
=> ref: https://www.maketecheasier.com/create-symbolic-links-windows10/ | |
Q: how to observe a directory which link using ? | |
way1: cmd > dir | |
way2: install "Link Shell Extension", then right-click a directory > properties > Link Properties | |
Q: "directory junction" vs "directory symbolic link" | |
=> https://superuser.com/questions/343074/directory-junction-vs-directory-symbolic-link | |
# [note] add or remove items in app list on start menu | |
%ProgramData%\Microsoft\Windows\Start Menu\Programs // for all users | |
%AppData%\Microsoft\Windows\Start Menu\Programs // for current user | |
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs // for new accounts added to pc | |
=> ref: https://www.thewindowsclub.com/add-or-remove-items-in-all-apps-on-start-menu-in-windows | |
# [note] change cmd to powershell | |
C:\Users\Administrator>where powershell | |
C:\Users\Administrator>powershell | |
PS C:\Users\Administrator> $PSVersionTable // notice: prompt begin with 'PS' | |
PS C:\Users\Administrator> exit | |
C:\Users\Administrator> | |
# [note] set a variable | |
set a=100 | |
setx b 200 | |
setx -m c 300 // m: the variable is set in the system wide (HKEY_LOCAL_MACHINE) environment, default: in the HKEY_CURRENT_USER environment | |
echo %a% | |
echo %b% // need to reopen cmd | |
=> ref: https://www.shellhacks.com/windows-set-environment-variable-cmd-powershell/ | |
=> ref: http://jdev.tw/blog/4075/windows-setx-create-global-envirenment-variables | |
PS. set a variable by prompt or expression | |
set /? | |
set /p num=input a number: // p: allow to set the value of a variable to a line of input entered by the user | |
echo %num% | |
set /a xx=%num% + 100 // a: specifies that the string to the right of the equal sign is a numerical expression that is evaluated | |
set yy=%num% + 100 | |
echo %xx% | |
echo %yy% | |
PS. list all of the environment variables | |
set | |
PS. list all of the environment variables that begin with xxx | |
set <xxx> | |
set l | |
set logon | |
=> ref: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/set_1 | |
PS. list all of the environment variables by reg | |
user variables: reg query "HKEY_CURRENT_USER\Environment" | |
system variables: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment" | |
# [note] add default route and default gateway | |
route add 0.0.0.0 mask 0.0.0.0 192.168.0.1 // 192.168.0.1 is a example of default gateway | |
# [note] show command line in the task manager | |
=> ref: https://www.itread01.com/p/913722.html | |
=> ref: https://winaero.com/show-command-line-windows-10-task-manager/ | |
# [note] openssh | |
openssh includes ssh.exe, ssh-keygen.exe, scp.exe | |
=> ref: https://github.com/PowerShell/Win32-OpenSSH | |
# [note] multi-line one command | |
echo 100 ^ | |
200 ^ | |
300 | |
# [note] change mouse style | |
Run main.cpl | |
'Pointers' tab | |
=> link: http://www.rw-designer.com/cursor-library | |
=> ref: https://www.youtube.com/watch?v=PcEyDaNVgMs | |
IMPORTANT: | |
Run regedit | |
- current mouse style | |
keyname: computer\HKEY_CURRENT_USER\Control Panel\Cursors | |
valuename: (Default) | |
- custom mouse style | |
keyname: computer\HKEY_CURRENT_USER\Control Panel\Cursors\Schemes | |
valuename: <config-name> | |
# [note] in win11, change mouse right click to win10 | |
reg add HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 /ve /f | |
# [note] how to restart file explorer | |
=> ref: https://consumer.huawei.com/en/support/content/en-us00733776/ | |
# [note] windows hotkey | |
win + 1 // open which is pinned at 1st in the taskbar | |
win + 2 // open which is pinned at 2nd in the taskbar | |
win + <num> // open which is pinned at <num>-th in the taskbar | |
win + 0 // open which is pinned at 10th in the taskbar | |
win + + // open 'Magnifier' | |
win + l // lock computer | |
win + d // show desktop | |
win + i // open 'Windows Settings' | |
win + u // open 'Windows Settings | Ease of Access' | |
win + g // open 'Xbox Game Bar' | |
win + v // open 'Clipboard' | |
win + x // open winx menu | |
win + s // open search menu | |
win + r // open 'Run' | |
win + e // open a new file explorer | |
win + . // open emoji | |
win + shift + s // open 'Snip & Sketch' | |
ctrl + shift + esc // open 'Task Manager' | |
ctrl + w // close a window | |
shift + f10 // display the shortcut menu for the selected item (ex. context menu) | |
alt + d // edit address bar | |
alt + tab // task switcher | |
alt + esc // cycle through opened windows | |
f2 // rename | |
f4 // edit address bar | |
f5 // refresh | |
# [note] copy as path | |
shift + right-click -> in context menu, select 'Copy as path' | |
# [note] kerberos | |
TODO | |
# [note] ntlm | |
TODO | |
# [note] clink | |
clink combines the native windows shell cmd.exe with the powerful command line editing features of the GNU Readline library | |
=> ref: https://mridgers.github.io/clink/ | |
=> ref: https://www.cnblogs.com/bamanzi/archive/2013/04/15/clink-windows-cmd-readline.html | |
# [note] ocr (optical character recognition) | |
tesseract --help // show minimal help message | |
tesseract --help-extra // show extra help for advanced users | |
tesseract --help-psm // show page segmentation modes | |
tesseract --help-oem // show ocr engine modes | |
tesseract --version | |
tesseract --list-langs // list available languages for tesseract engine | |
tesseract <image-path> <output-path> | |
tesseract <image-path> <output-path> -l <lang> | |
tesseract xxx.png yyy -l chi_tra // output: yyy.txt | |
PS. install tesseract on windows | |
- step1. download from https://digi.bib.uni-mannheim.de/tesseract/tesseract-ocr-w64-setup-v5.3.0.20221214.exe | |
- step2. install tesseract and choose languages // ex. chinese | |
- step3. set 'C:\Program Files\Tesseract-OCR' to the environment variable 'Path' | |
- step4. verify the installation // by tesseract --version | |
=> ref: https://digi.bib.uni-mannheim.de/tesseract/ | |
=> ref: https://pdf.wondershare.com/ocr/extracting-text-from-image-python.html | |
IMPORTANT: | |
tesseract is one of the ocr engine | |
tesseract is developed by google | |
# [note] learn | |
=> ref: https://www.csie.ntu.edu.tw/~r91112/myDownload/WEB/CMD.html |