메뉴 건너뛰기

Dev tips

Windows Server 해커들을 위한 CMD 툴 모음

taknim 2008.05.22 23:08 조회 수 : 32619 추천:2413

http://cafe.naver.com/odshs/2077
CommandTools.rar -

cpuinfo.exe - gets the processor type and CPU clocking speed (mhz)
fport.exe - shows open ports and the process that owns the port
iplist.exe - enumerates the ip's of the computer
md5.exe - gets the md5 hash of a file
pw2kget.exe - for win2k gets the password of the currently logged on user
pwreveal.exe - gets the passwords of any window that has a ****** editbox
regshell.exe - a commandline registry explorer/editor
resolve.exe - a commandline URL resolver
sendmail.exe - a commandline email sender
uptime.exe - gets the machines current uptime
xwhois - advanced whois lookup
Screencap.exe - makes a screenshot of the screen and saves it to screenshot.bmp
CMDget.exe - Downloads a file from a website from user provided parameters
webscr.exe - creates a snapshot from the webcam and saves it
shutd.exe - program that forces shutdown/reboot of machine
bnc.exe - bnc for windows (see bnc.cfg)
clslog.exe - clears app/security/system logs XP/NT/2k
enum.exe - enumerates IPC$ share to collect information
winfo.exe - enumerates IPC$ share to collect information
FTPd.exe - small ftp server for dos (see slimftpd.conf)
Global.exe - process dos command on all disc/subdirs
iCmd.exe - telnet server 98/xp/nt/2k
iislog.exe - clears IIS logs
Info.exe - gets system information
ispc.exe - spawns shell on hacked IIS (put idq.dll on remote script dir)
nc.exe - netcat
pv.exe - process manager for dos
Pwdump.exe - dumps SAM hashes
scrnmode.exe - change screen mode from dos
unrar.exe - unrar for dos
wget.exe - wget for windows
wizmo.exe - command tool (see w.txt)
dwpp.exe - dial up password graber
winrelay.exe - relay tcp/udp connections
getad.exe - escalate to admin user in w2k
pipeup.exe - escalate to admin user in w2k
dnsid - identify remore dns server
rinetd.exe see rinetd.txt


CommandTools2.rar -

CtrList.exe Is a command-line tool that lists all objects and counters for the given ID.
Cusrmgr.exe: Console User Manager
Devcon.exe Can list, enable and disable PCI devices on your motherboard
Handle.exe Get the list of processes holding on to a particular file
listit.exe Realtime file lister
nfi.exe NTFS file sector information tool
NtCrash.exe Crash NT systems
ntttcpr.exe Network speed test tool
OpenTelnet.exe Opens telnet server remote
p2p.exe Port maping/redirecting tool
psgetsid.exe Local and remote account/mashine SID displayer
Psinfo.exe Local and remote system information viewer
psloggedon.exe Logon session displayer
pspasswd.exe Local and remote password changer
psservice.exe Local and remote services viewer/controler
ruis.exe Rcmd tool
screnc.exe Microsoft Script Encoder
sid2user.exe Obtain the account name from SID
srvinstw.exe GUI services manager
tinfor.exe Token information of process ID
tlist.exe Task List Viewer
wsu.exe Creates new processes as another user
xsniff.exe Command line sniffer
appshutdown.exe Uses PostThreadMessage to shutdown app. under non. priv. user.
wfpadminc.exe Disable Windows file protection
ARPToxin.exe ARP Poisoning tool


CommandTools3.rar

Thermite.exe - unlike other leaktest that injects it's code into another processes via DLL, injects it's code into the target process directly, by creating an additional malicious thread within that process! totally invisible to some actuals personal firewall??!.

Copycat.exe - uses direct code injection (without creating an additional thread) into a web browser to prevent to be catched by firewall.

SDTrestore.exe - Win2K/XP SDT Restore 0.2 (Proof-Of-Concept)

Process.exe - Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP

Dellater.exe - DelLater is a tiny program that allows you to specify files to be deleted when Windows next boots, making it ideal for those situations when you can't delete a file because it's in use.

Cmdline.exe - CmdLine is a unique process listing tool for Windows NT4/2K/XP that uses an undocumented technique to reveal the full commandlines (with all parameters!).

CloseApp.exe - CloseApp is a small command-line tool which closes all the running instances
of the process whose executable name is specified as a parameter.

Cachedump.exe - Recovers Windows Password Cache Entries
Delbyowner.exe - is a delete/copy utility that lets you specify files by owner.
CmdAsUser.exe - start a command as a specified user.
SPwdSpyDemo_Exe.zip and pwdspy.zip reveals passwords behind ****