Master Hack

Windows CMD Remote Commands for the Aspiring Hacker, Part 1

Welcome back, my greenhorn hackers!Many new hackers come from a Windows background, but seldom, if ever, use its built-in command-line tools. As a hacker, you will often be forced to control the target system using just Windows commands and no GUI.Although we would love to get Metasploit’s Meterpreter on the target and use all its capabilities on the owned system, that is not always possible. Some exploits will only allow us to get a CMD shell on the target Windows system.

In these cases, you will need to understand how to control the system strictly through the command prompt, without ever having the convenience and familiarity of the Windows GUI.

What I want to do in this tutorial is demonstrate some Windows commands on a Windows 7 system (Windows 7 is still over 50% of the installed base of Windows systems), but these commands change very little from Windows version to Windows version. I will be running the Windows commands from a remote Kali system on the target.

Step 1Connect to a Remote Windows System from Kali

Windows makes a distinction between commands that can be run while physically on the system and those that can be run remotely. We can’t assume that a command we can run while on the system will run remotely.

Here, we are only interested in those that can be run remotely. In my case, I will be connecting to the target system with a Netcat connection, but a Metasploit-spawned command shell or other will work just as well.

Step 2Basic Commands

In many ways, Windows CMD commands are similar to Linux/Unix commands (Unix preceded these commands by over a decade, and Microsoft borrowed heavily from it). At its most basic, we need to change directories within the file system. Like Linux, Windows uses the cd (change directory) command. To travel to the root of the directory system, we can just type

cd \

In addition, we can move up one level in the directory structure by typing:

cd ..

If we want to see the contents of a directory, we type dir as seen above. Some other key and basic commands include:

del <filename>

This will delete the file, similar to the Linux rm.

type <filename>

This will display the contents of the file, similar to the Linux cat.

As you can see below, I used type to display the contents of the confidentialfile.txt. I then del (delete) the confidentialfile.txt, and when I return to display the contents of it again, I get the message that “The system cannot find the specified file.”

To create a new directory, we use the md (make directory) command (in Linux, it’s mkdir). To create a directory named “newdirectory,” we type:

md newdirectory

After making newdirectory, we can now run dir and see the new directory that we created.

Step 3Network Commands

When we are on the remote system, we may need networking information. To do so, we have two basic commands, ipconfig and netstat. Ipconfig is very similar to the Linux ifconfig, as seen below.

To view the network connections of the system, we can type netstat, just like in Linux.


Step 4View Processes

Often, when we are on a remote system, we will need to see a listing of the running processes. From the GUI, of course, we can use the Task Manager (Ctrl + Alt + Del), but from the command prompt, we use tasklist.


If we want to find a single process, we could use the filter findstr (find string). This works similarly to grep in Linux. So, to find the process named “explorer,” we could type:

tasklist | findstr explorer

Note, that we used the pipe (|), just like in Linux, to send the results from the tasklist command to the filtering command, findstr.

If I want to kill a process, I can use the taskkill command. It requires the PID of the process we want to kill. In this case, the explorer process has a PID of 1532, so to kill it, I can type:

taskkill /PID 1532 /F

Where the /F means to force the kill.

Step 5Find the User Accounts

If we want to see the users on the target system, we can type:

net users

As you can see, this system has three users: guest, administrator, and the aptly named victim.

Step 6Run a Browser on the Target

While operating the system from the command prompt, we can execute some applications, such as the web browser. Internet Explorer is named iexplore on the command prompt, and we can find it either in the “Program Files” with the 64-bit version or “Program Files (x86)” with the 32-bit version. So, if I want to open Internet Explorer on the remote system from the command prompt and have it open, I would type:

cmd “start /max iexplore.exe


When we do, this opens Internet Explorer on the target system and goes to, as you can see below.

This might be really useful if you had a malicious XSS link set up and needed the target to go to a web server. Furthermore, we might just want the target system to go to our web server on Kali. We could start the Apache web server and then direct the target system to our web server where we may have some malicious software.

We can type:

iexplore <IP address>

As you can see below, we have directed the target system to our web server on Kali.

Keep coming back, my greenhorn hackers, as we develop the most valuable skill set in the 21st century—hacking!

Now We Are In Whatsapp You May Reach Us Via Link Below In My Profile Box.

Lovepreet Singh

Concept Behind Cross-Site Request Forgery.

Previous article

Rust: Difficult to Learn, but an Exciting Programming Language

Next article

You may also like


  1. Recommended Viagia Sites Generic Pharmacy Review [url=]zoloft no prescription fast[/url] Priligy Generico E Sicuro

  2. Viagra Nebenwirkungen Forum Levitra Esercizi Di Kegel [url=]viagra[/url] Tinidazol Witut Prescrption Kamagra Next Day

  3. Cialis A La Venta Achat Amoxicillin Pilule Pharmacie Patch Et Buy Cialis Super Active Plus [url=]cheapest cialis[/url] Site Serieux Pour Achat Cialis

  4. Online Pharmacy Canada Viagra Usata Levitra Cytotec Avant Pause De Sterilet [url=]dosis del kamagra[/url] Amoxicillin Cause Indigestion Misoprostol For Sale

  5. … [Trackback]

    […] Find More Info here on that Topic: […]

  6. … [Trackback]

    […] Read More here on that Topic: […]

  7. Safegenericpills Oxcarbezapine For Gabapentin Withdrawl Cialis 10 O 20 [url=]brand levitra 20 mg online india[/url] Viagra 100mg Euro

  8. … [Trackback]

    […] Here you will find 42765 more Information on that Topic: […]

  9. … [Trackback]

    […] Information to that Topic: […]

  10. … [Trackback]

    […] Find More on that Topic: […]

  11. … [Trackback]

    […] Information on that Topic: […]

  12. Finasteride Find [url=][/url] Viagra Dopage Viagra Indicaciones De Uso Buy Viagra Uk Tesco 247 Buying Discount Secure Ordering Acticin Pills Store [url=]cialis 5 mg best price usa[/url] Sildenafil Generique 25 Mg Cheap Keflex Viagra Achat 10 Pilule Buy Levitra Without Prescription [url=]canadian pharmacy cialis[/url] Propecia Vendita Buy Propecia Super Active Plus [url=]viagra vs cialis[/url] Priligy Dapoxetina Precio Buy Viagra In Brisbane 58 [url=]cheapest cialis 20mg[/url] Cheap Viagra Kamagra From The U.K Elocon 5g Elocon Cream

  13. Ebay Precio De La Ciales [url=]where to buy cialis online safely[/url] Over The Counter Sex Pills In Canada

  14. Cephalexin Cat Dosage [url=]generic viagra[/url] Levitra Every Day Erectile Dysfunction Medications Online

  15. Canadianmed24h [url=]where to get levitra[/url] Buy Finasteride North Ayrshire Acheter Viagra Par Paypal Acquisto Viagra Forum Cialis 10 Mg Medicament [url=]viagra vs cialis[/url] Can I Take An Extra Keflex Healthy Man Pills Amoxicillin Uses Buy Strattera Online [url=]cialis overnight shipping from usa[/url] Cephalexin Without A Prescription Zithromax More Drug Side Effects Cialis 20 Mg Internet Viagra Sur Femme [url=]levitra 20mg best price[/url] Amoxicillin Dental Appointments Order Now Macrobid [url=]canadian pharmacy cialis 20mg[/url] Achat Levitra Medicament Tomar Viagra Mujeres Levitra Effets Secondaires

  16. Buy Roaccutane Online Uk Order Valtrex Online With No Prescription Viagra E Doping [url=]cialis for sale[/url] En Ligne Priligy Generique Hair Growth Propecia Treatment Is Trazodone Available In Australia [url=]viagra[/url] Cialis Viagra Otros Cheap Diflucan No Prescription Wellbutrin Online Overnight No Rx [url=]online pharmacy[/url] Viagra Falschungen Nebenwirkungen Cialis 10 Mg Preise Bentyl Cod Only Low Price Levitra Preis Apotheke [url=]where to buy cialis online safely[/url] Viagra Online Next Day Shipping Viagra Cialis Levitra Prezzi Cialis Duracion Efecto Cialis For Daily Use Cost 338 [url=]cialis cheapest online prices[/url] Discovering Amoxil Amoxicillin Sensitivity To Light Sun Exposure Levitra Safe [url=]cialis 20mg price at walmart[/url] Amoxicillin Use

Leave a reply

Your email address will not be published. Required fields are marked *

More in Master Hack