Saturday 21 May 2016

Windows Command Line Goodies

With the news that Microsoft is bringing Bash to Windows (what a crazy world we live in!), it looks like I'm going to add "bash" to my "one more thing to learn" list.

In the meantime, I thought it would be good to list the common daily Windows cmd.exe tools that I use and find useful. You can't beat the command line for performing fast, repeatable, scriptable actions that you might need to schedule or run ad-hoc.

Let's start the list:

Get the hostname of the computer you are on

If you are like me and can be logged into many remote desktop sessions, then it can be useful to find out the hostname of the computer you are on. To do that, the command is: hostname. This means you will never get caught deleting files from the wrong server again! :)

Another simple command is whoami, which will tell you the user you are logged on as for this session.

Change the title of the command prompt window

Okay, you might laugh, but this is more useful than you think. If you have many cmd prompts open doing different tasks, changing the title of the command window helps you quickly identify the window you need. The command is: title followed by the text you want to display.

List all processes running on the local machine

Ensuring that processes are running is essential bread and butter stuff. The tasklist command will give you what you need.

You can also list all running processes and their loaded DLLs with the -m switch: tasklist -m

List all processes running on a remote machine

The tasklist command above can also list processes that are running on remote machines. Again, very useful. The command is: tasklist /s 10.10.10.10 /u domain\username. You will, of course, be prompted for the user's password.

Kill a process running on the local machine

I use this all the time. There is no faster way of closing chrome.exe and all its tabs than from the command line. The command is: taskkill /F /IM processname.exe.

Kill a process running on a remote machine

To kill a process on a remote machine you just need to supply the /s and /u flags to the taskkill command. For example: taskkill /s 10.10.10.10 /u domain\username /IM "appname.exe"

Display all services running on a machine

If you have services that you know should be running, then running net start shows you all services that have been started on your machine.

Pinging and IP addresses

This is the simplest of all diagnostic commands: ping 10.20.30.40. If you want to keep a constant ping going add the -t flag like so: ping 10.109.200.3 -t. I also like the utility fping by Kwakkelflap. You can download it from here.

It allows you to add a date and time to the ping, as well as log the pings to a file. You can even specify the amount of time to wait in-between each ping.

For example, the following command: fping 10.20.30.40 -D -T -c -t 10000 -L hello.txt will ping 10.20.30.40 logging the date and time to a file named hello.txt. It also waits 10 seconds in-between each ping. I like this utility, but one problem I have found is that it doesn't flush the file. This means you need to stop the execution before it writes everything out.

If you want to get your own IP address run ipconfig /all.

Display all IP addresses connected to a machine

If you want to display all IP addresses that are connected to a machine, run netstat -a -n. Add the -o switch (netstat -a -n -o) to also show the ID of the process that owns each connection. If you want to display all IP addresses connected on a specific port, pipe it through the find command. For example: netstat -na | find "1234"
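The following batch script is an added example, not part of the original post. It combines netstat and tasklist to show which process owns each connection on a port, and matches the port exactly rather than as a substring the way find "1234" does. The script name and its single PORT argument are assumptions.

```batch
@echo off
rem Added example, not from the original post.
rem Lists IPv4 TCP connections on a port together with the owning process.
rem Usage (script name is hypothetical): portowner.cmd 1234
setlocal
set "PORT=%~1"
if "%PORT%"=="" (
    echo Usage: %~nx0 PORT
    exit /b 1
)

rem netstat -ano -p tcp prints: Proto, local address, foreign address, state, PID.
rem Matching a colon, the port and a trailing space stops 1234 from also
rem matching port 12345 or a PID that happens to contain 1234.
set "FOUND=0"
for /f "tokens=2-5" %%A in ('netstat -ano -p tcp ^| findstr /c:":%PORT% "') do (
    set "FOUND=1"
    call :show %%A %%B %%C %%D
)
if "%FOUND%"=="0" echo No TCP connections found on port %PORT%.
exit /b 0

:show
rem Arguments: local address, foreign address, state, PID.
set "NAME=unknown"
for /f "tokens=1 delims=," %%I in ('tasklist /fi "PID eq %4" /fo csv /nh 2^>nul') do set "NAME=%%~I"
echo %1  to  %2  %3  PID=%4  %NAME%
exit /b 0
```

Because of -p tcp, IPv6 and UDP endpoints are not listed; connections in TIME_WAIT report PID 0.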

PSTools

This should probably be at the top of the list. The PSTools suite is great and my standout favorite is the psexec tool. It allows you to run any dos command you issue on a remote computer.

For example, if you wanted to run netstat -n to display all IP addresses connected to a remote machine then you could run the following command: psexec.exe \\10.10.10.10 -u domain\username -p password netstat -n

A password given with -p sits in plain text on the command line. If you leave -p off, psexec prompts for the password instead.

Elevate

Have you ever tried modifying the hosts file only to be greeted with this dialog?

If so, then Elevate is the command line tool you need. This is just one example, but there can be many cases where you need to run something with elevated rights.

Connect to SQL Server database

If you have an SQL server instance you can run queries straight from the command line by using the osql command. For example: OSQL -S 10.10.10.10\SQLExpress -U username -P password -d dbname -Q "select * from [dbname]..[tablename] where columna = 'blah-de-blah'"

You can even send the result to a text file: OSQL -S 10.10.10.10\SQLExpress -U username -P password -d dbname -Q "select * from [dbname]..[tablename] where columna = 'blah-de-blah'" >c:\textfile.txt

IP routing and adding a fixed route to your routing table

To view your routing table simply run route print. This will show you all the routes that are set up on your machine. You can add a fixed route to your routing table by running the "route add" command. This can be useful if you want to route traffic in a certain IP address range to a specific destination server. This has been useful to me in OpenVPN environments when I needed to force specific IP packets to a gateway.

To do this, first delete the route before adding it (just to make sure it doesn't already exist). For example: route delete 172.16.0.0. Then add the permanent route by running "route add" with the -p flag set. The -p flag says "make this permanent". For example, route -p add 172.16.0.0 MASK 255.255.0.0 10.20.30.40 will create a route whereby any traffic that is destined for the IP range 172.16.x.x will get routed/pushed to the server 10.20.30.40.

Test if a remote server is listening on a specific port number

If you have a server listening on a remote port and you want to check it is accepting incoming connections, then you can use telnet to connect to the server and port. If it fails you will get the following error message back: "Could not open connection to the host, on port 25: Connect failed". This is very useful.

For example, the following command will try and connect to a server on port 80: telnet 10.20.30.40 80

Remote shutdown a SERVER!!!!

Naturally, use this one with caution! It's always a bit scary waiting for the server to come back up. When I do a remote-boot of a server, I keep a constant ping going so I can see when it comes back up.

Don't forget, it's obligatory when remote booting any server to mutter the Samuel L Jackson line from Jurassic Park: "hold onto your butts!"

Here's the command: shutdown -t 0 -r -f -m \\10.10.10.10
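The restart-then-ping routine described above can be scripted. This batch file is an added example, not part of the original post; the script name, the HOST argument and the retry limits are assumptions.

```batch
@echo off
rem Added example, not from the original post.
rem Restarts a remote server, then pings until it answers again.
rem Usage (script name is hypothetical): reboot-wait.cmd 10.10.10.10
setlocal
set "TARGET=%~1"
if "%TARGET%"=="" (
    echo Usage: %~nx0 HOST
    exit /b 1
)

shutdown -t 0 -r -f -m \\%TARGET%
if errorlevel 1 (
    echo Restart request failed, not waiting.
    exit /b 1
)

rem ping can return errorlevel 0 for a "Destination host unreachable" reply,
rem so look for TTL= in the output, which only a real echo reply contains.
set /a TRIES=0
:waitdown
set /a TRIES+=1
if %TRIES% gtr 60 (
    echo %TARGET% never stopped answering, check that the restart started.
    exit /b 2
)
ping -n 1 -w 1000 %TARGET% | find "TTL=" >nul
if not errorlevel 1 (
    timeout /t 2 /nobreak >nul
    goto waitdown
)
echo %time% %TARGET% stopped answering

set /a TRIES=0
:waitup
set /a TRIES+=1
if %TRIES% gtr 120 (
    echo %TARGET% did not come back within the wait limit.
    exit /b 3
)
ping -n 1 -w 1000 %TARGET% | find "TTL=" >nul
if errorlevel 1 (
    timeout /t 5 /nobreak >nul
    goto waitup
)
echo %time% %TARGET% is answering ping again
exit /b 0
```

An answer to ping only shows the network stack is up; services on the server may need longer to start.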

Find out users Logged onto a machine and logging them off

Under certain situations, you might find that you can't RDP onto a server because there are other users logged on. If this is the case you can issue the following command: quser /server:10.10.10.10. This will return a list of usernames and user IDs. Following on from this, if you want to log a user off then run the logoff command, like so: logoff 1 /server:10.10.10.10. The 1 here is the user ID returned from the quser command.

Time how long it takes a web page to load

cURL is a command-line tool that can communicate over a network using TCP, HTTP, etc. It includes metrics which means you can use it to time how long it takes for a web page to load.

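Use it like so: curl -3 -k "https://oceanairdrop.blogspot.com"

The -3 flag forces SSLv3 and -k skips certificate verification, so leave both off unless the server you are timing genuinely needs them.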
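The timing metrics mentioned above come from curl's -w (write-out) option. This batch file is an added example, not part of the original post; the choice of five samples and the output labels are assumptions.

```batch
@echo off
rem Added example, not from the original post.
rem Prints curl's own timing breakdown for a URL, five samples in a row.
setlocal
set "URL=%~1"
if "%URL%"=="" set "URL=https://oceanairdrop.blogspot.com"

rem In a batch file a doubled percent sign is a literal percent sign, so curl
rem receives its write-out variables, such as time_total, in percent-brace form.
set "FMT=dns=%%{time_namelookup} connect=%%{time_connect} tls=%%{time_appconnect} first_byte=%%{time_starttransfer} total=%%{time_total}\n"

rem -s hides the progress meter, -S still shows errors, -o NUL discards the
rem page body. Certificate verification is left on, with no -k.
for /l %%N in (1,1,5) do curl -s -S -o NUL -w "%FMT%" "%URL%"
```

All values are in seconds measured from the start of the request, so total includes the earlier phases.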

Summing up

These commands are all bread and butter stuff but are useful to know to get diagnostic information about your environment. If you are responsible for a number of servers some of these commands can be a life saver. If you are unable to log onto a remote machine (using mstsc.exe) for whatever reason, don't forget about the command line. Being able to run these commands remotely (psexec.exe) is a godsend.

That's about it.... Remember, when issuing any of these commands, don't forget to "hold onto your butts!"


Contact Me:  ocean.airdrop@gmail.com
