Windows XP ToolBox

[ad]

This a very old article based on my tiny document “WinDOS tools” which was for a short while on Blackcode, before it was shutdown… It was an article to impres my friends, but found some usefull stuff two when writing it… so let’s take a look at some “hidden” Windows XP programs…

MAC Address (getmac)
It seems that Windows has a miny tool usefull in finding out our mac address… So type getmac and your MAC(‘s) address(es) will appear in the console.

Net BIOS Status (Nbtstat)
Another information tool, probably you have heard about it when reading some old documentation about Windows hacking… For it to work there should be installed the NetBeUI protocol, type nbtstat to get the full cmd line parameters.

CAB Packer (makecab, extrac32)
Theres a small packing tool available under Windows, by the help of which you can compress any files, giving more often a better compresion… here is an example how to use this functionality:

makecab file.exe
extrac32 file.ex_


Finger
Not much to say about this program, because many of you have heard about it, just type it in the console and get all available options.

FTP
Windows has a simple file transfer protocol client, for those of you who don’t have installed Windows Commander, or work remotely on a computer and can not use your browser to download the file on the specific host.

Message (msg)
It does what is supposed to do, it sends messages to the specific host on your network, but there could be some configurations on your network which wouldn’t allow you to do it… anyway here is an example of use:

msg username-of-targeted-host /SERVER:hostname and here your message


Shares
If you are in a local network on which you often copy files from other shared folders on your network, than this will prove for you to be a big relief, because this way you could shortcut all the shares for faster access…

C:\>net view \\hostname

Shared resources at \\hostname

Share name Type Used as Comment
--------------------------------------------------------
DOWNLOAD Disk

C:\>net use Z: \\hostname\DOWNLOAD

--if no error then from this point you can access the share the following way:

C:\>Z:
Z:\>


Network status (netstat)
If you don’t have a firewall, or you just want to see all your network connections currently in use of listening, then you the command netstat (-a) and will print you all the info mentioned above.

Path Ping (pathping)
This little program is a hybrid between traceroute and ping, so as you might have guessed it not only pings the specific host, but also shows the route the data packet uses to reach it’s destination.

Remote TaskKill (tskill)
Yes you can kill processes on your network, only if the network is not well configured (seen it a couple of times). By this you could shutdown an antivirus program, a firewall, the explorer process (this sometimes may crash Windows), or any other program run by the specific hostname. The command is tskill, for example you could do something like this (which would close Internet Explorer):

tskill iexplore /server:target-hostname /a /v


Telnet
I mention this one because you do not have always to download PuTTY, just for a telnet/irc/smtp/etc. connection, you could use the Windows incorpored telnet program; of course is not as good as PuTTY, but it will do…

Conclusion
There is no conclusion, this was a time passing article (I was bored at my Informatix class, so I wrote this one)… maybe some of you will apreciate it, while other will not…