# Cmd

Windows cmd might be old but is still a very useful tool!

| Command                                                         | Output                                                               |
| --------------------------------------------------------------- | -------------------------------------------------------------------- |
| `type flag.txt`                                                 | Read the output of `flag.txt` like the cat command                   |
| `type *.txt`                                                    | Output of all `*.txt` files in current dir                           |
| `more flag.txt`                                                 | Read one page at a time of the file                                  |
| `type flag.txt \| find /i "flag{"`                              | Search for a string in a file                                        |
| `type flag.txt \| findstr "flag.*$"`                            | Searches for a regex string in a file                                |
| `dir /b /s C:\msbuild.exe`                                      | search for a file named `msbuild.exe` in the `C:\` drive recursively |
| `net user`                                                      | List local users                                                     |
| `net localgroup`                                                | local groups                                                         |
| `net localgroup administrators`                                 | Members of local admin group                                         |
| `net user haha lmao /add`                                       | Adds a user named `haha` with the pw `lmao`                          |
| `net localgroup administrators haha /add`                       | Adds the `haha` user to the local administrators group               |
| `netsh advfirewall show allprofiles`                            | See the config of the built-in firewall                              |
| `netsh advfirewall set allprofiles state off`                   | Turn off the built in firewall                                       |
| `reg query [key name]`                                          | Read a key                                                           |
| `reg add [key name] /v [value] /t [type] /d [data]`             | adding a reg key                                                     |
| `net use \\10.0.0.1 lmao /u:haha`                               | Connect to host 10.0.0.1 on SMB for user `haha` with pwd `lmao`      |
| `sc query`                                                      | List all running services                                            |
| `sc query state=all`                                            | List ALL services                                                    |
| `sc qc VSS`                                                     | List information about one specific service                          |
| <p><code>sc start VSS</code></p><p><code>sc stop VSS</code></p> | Start/stop a service                                                 |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/cmd.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.