Windows Scripting Utilities_net Commands Table of Contents net Commands ................................................................................................................................ 2 net Syntax ....................................................................................................................................... 3 net Commands -1 ............................................................................................................................ 4 net Commands -2 ............................................................................................................................ 6 net Commands -3 ............................................................................................................................ 7 net config ........................................................................................................................................ 8 net config workstation .................................................................................................................. 10 net share ....................................................................................................................................... 11 net view -1 .................................................................................................................................... 13 net view -2 .................................................................................................................................... 14 IPC$ ............................................................................................................................................... 15 net use -1 ...................................................................................................................................... 17 net use -2 ...................................................................................................................................... 18 net use -3 ...................................................................................................................................... 21 net use Examples .......................................................................................................................... 22 netsh ............................................................................................................................................. 23 netsh – Command Mode -1 .......................................................................................................... 24 netsh – Command Mode -2 .......................................................................................................... 26 netsh – Command Mode -3 .......................................................................................................... 27 netsh – Command Mode -4 .......................................................................................................... 28 netsh – Batch Mode ...................................................................................................................... 30 Notices .......................................................................................................................................... 32 Page 1 of 32 net Commands net Commands Used to update, fix and view basic computer and network settings Run from the command prompt or in Batch files Most useful for enumerating user accounts, groups and network shares 22 **022 Okay. The net commands. These are native to Windows. They're essentially pretty much like admin, administrator tools, used to update, fix and view your basic computer and your network settings and scan. These all run from the command-line interface and therefore you can put them into your Batch file, so that's great. And this says most useful for enumerating the accounts and groups and such, but actually, there's a ton of things this can do, as you'll see here shortly. Page 2 of 32 net Syntax net Syntax To see the list of available options –“net /?” Help for each net command –“net help command” 23 **023 So just starting out, if you want to look up what it's NET and something else, NET accounts, NET computer. If you want to see that list, you can do the /?. Yeah, similar to xcopy. But you can also just do NET actually, if you just type NET. It'll do the exact same thing. It'll give you that listing right there. And then if you do the NET HELP, and then you put the actual subtopic or category that you'd like to get more information on, like VIEW in this case, it'll just, it'll give you the usage and it'll also give you a little bit more detail on what the options of the flags might be. And there, as you can see, there are quite a few of Page 3 of 32 them, and they're very helpful. They're meant to be for the administrator to be able to see things, to be able to adjust things, change things. So very powerful in taking the red/pentester side of me, we can use these for many not so on the up side things to do also, so... net Commands -1 net Commands -1 Many of these require Elevated Permissions to view or modify! net accounts – update user account database, modify passwords and login requirements net computer – adds or deletes computers from the domain net file – display a list of open shared files net group – add, delete, view groups (only works on Domain Controllers) 24 **024 Okay. One thing about many of these commands is that you will need elevated privileges to do it because they expect that an administrator's the one who's going to want to stop a process or see a list of maybe group users or something like that. Obviously someone that Page 4 of 32 has those kind of privileges, so it kind of defaults to that. So if you don't have those, a lot of times if you go back to your work computer back at your office and you try some of these commands, they'll say access denied and you won't be able to get at them, because your privileges aren't high enough. So if you're going to use these, especially in your scripting, make sure that the user account that you are running it from has high enough privileges. Okay? So accounts. Update user account database, modify passwords and login stuff. Net computer. This has to be with computers on a domain. So if you have a small non-domain, there's no domain controller running it, then this won't help you. It lets you add and delete computers to and from the domain. Net file displays open file shares, which is pretty nice. And net group lets you view groups and lets you add or subtract from that group. But once again, this is, this one only works on domain controllers itself, so you have to do it on a DC. Page 5 of 32 net Commands -2 net Commands -2 net localgroup – add, delete, view local and network groups net session – display, delete sessions connected to the computer net statistics – display network statistics net time – display time and date of another network computer 25 **025 So the net localgroup, unlike net group, will work on the local machine. It'll also work on network groups as well, if it is connected to a domain. So you can add and delete. Net session allows you to see all the sessions connected to a particular machine. And also lets you shut it down if you have the privileges to do so. If you want to look at your network statistics, that's available and there's actual time server. Net time will let you look at what it is. If you're just sitting on a stand-alone, it'll just go no time server, so can't get anything from that. Page 6 of 32 net Commands -3 net Commands -3 net user – display, create, delete users on the computer or domain net start – lists running services or start Windows services net pause – suspend a Windows service net continue – resume a paused Windows service net stop – stop a Windows service 26 **026 So if you're looking to enumerate the users on a machine, like you might if you're pentesting, you can use the net user, and you can also create, if you have enough privileges, and delete. So net start and net stop. This is for checking services that are running. If you just run net start it'll just show other running services. And if you put a particular service in there and you have the privileges, it will start that service from the command line and the same is true for stopping. Must have the privileges and it'll shut it down for you right from the command line. You can pause it, the Page 7 of 32 Windows service as well, and of course, continue is just resuming that same service, so... net config net config An extremely valuable net command for displaying configuration information of the local computer Has two options: Workstation or Server • Workstation is the most useful since that service is almost guaranteed to be running on the system. – Great for finding o OS Version o Computer Name o Domain o User name 27 **027 So net config gives you quite a bit of information, actually. And it says extremely valuable, and that may be extremely valuable to a hacker. In addition to being an administrator. If you're looking for good information on a particular machine, you can use the net config command and you'll see a lot of the configurations. It does have two options. You can put in net config workstation, and it'll give you the information. Actually give you Page 8 of 32 information about both workstation and server, whether you have a server or not. On the server side it'll say number of connections, and it'll be 0, because obviously no one--or should be 0. Obviously if you're not a server, for the most part, people aren't connecting to you. So that sort of server