This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Edit key using (mnemonic: win+r) regedit | |
| Registry key: | |
| HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages |
jamiedevsandbox
/ win-peformat-mz
Last active
April 11, 2021 12:29
PE Format (MS-DOS EXE Format) MZ Signature
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Interesting information on the engineer and file structure (headers/realloc table) | |
| https://wiki.osdev.org/MZ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* endian.c (conforms to C89/90 standards) */ | |
| /* use valgrind to test for memory leaks/performance issue/code bottlenecks etc.. */ | |
| #include <stdio.h> | |
| void test_endian(); | |
| unsigned short cpu_endian_test(); | |
| unsigned short cpu_endian(const int); /* supply custom address as argument */ | |
| unsigned short cpu_endian(const int addr) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Debug/Extract MSI/EXE (PE Header): | |
| https://stackoverflow.com/questions/1547809/extract-msi-from-exe/24987512 | |
| https://superuser.com/questions/307678/how-do-i-extract-files-from-an-msi-package | |
| ACL (Microsoft Access Control Lists, grant file permissions/set group): | |
| icacls | |
| https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/icacls | |
| View/Extract contents/internal files of MSI: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Edit/Remove/Read image metadata (contains GPS coordinate location info) | |
| https://exiftool.org/ |
jamiedevsandbox
/ spawn-cmd-prompt-win
Created
April 23, 2021 15:03
Spawn Command Prompt in Windows 7 live cd boot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Without having to traverse through the GUI. | |
| mnemonic: | |
| shift + f10 |
jamiedevsandbox
/ win-cmd-wmic-info
Created
April 23, 2021 17:57
Var Dump Windows CMD Global Switches System Management
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| C:\Windows\system32>wmic /? | |
| [global switches] <command> | |
| The following global switches are available: | |
| /NAMESPACE Path for the namespace the alias operate against. | |
| /ROLE Path for the role containing the alias definitions. | |
| /NODE Servers the alias will operate against. | |
| /IMPLEVEL Client impersonation level. | |
| /AUTHLEVEL Client authentication level. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Launch windows 7 on a bootable DVD. | |
| Spawn terminal with Shift + F10. | |
| Inside cmd prompt: | |
| bootrec.exe /fixmbr | |
| bootrec.exe /fixboot | |
| bootrec.exe /rebuildbcd |
jamiedevsandbox
/ magic-jellybean-win-product-key
Created
April 24, 2021 17:06
Magic Jelly Bean Windows Product Key Finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Expose Windows Product Key | |
| https://www.magicaljellybean.com/keyfinder/ |
jamiedevsandbox
/ win-slmgr-tool
Created
April 24, 2021 17:51
Windows Software Licensing Management Tool for Non Genuine Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| slmgr.vbs | |
| When your copy of Windows is not genuine and you don't want to activate (with product key). | |
| slmgr /rearm | |
| ^ The above command will reset the licensing status of the machine. | |
| Now you will not receiveve messages stating your system is not genuine. | |
| This is temporary, ephemeral fix. | |
| After some time elapses, it will notify you again that it's not genuine. |
OlderNewer