Windows: Difference between revisions
Jump to navigation
Jump to search
| Line 196: | Line 196: | ||
==cpu_usage== | ==cpu_usage== | ||
Get-Counter '\Process(*)\% Processor Time'| Select-Object -ExpandProperty countersamples | Select-Object -Property instancename, cookedvalue| Sort-Object -Property cookedvalue -Descending| Select-Object -First 20| ft InstanceName,@{L='CPU';E={($_.Cookedvalue/100).toString('P')}} -AutoSize | Ft -autosize | out-string -width 4096 | Get-Counter '\Process(*)\% Processor Time'| Select-Object -ExpandProperty countersamples | Select-Object -Property instancename, cookedvalue| Sort-Object -Property cookedvalue -Descending| Select-Object -First 20| ft InstanceName,@{L='CPU';E={($_.Cookedvalue/100).toString('P')}} -AutoSize | Ft -autosize | out-string -width 4096 | ||
Get-WmiObject win32_processor | select LoadPercentage |fl | Get-WmiObject win32_processor | select LoadPercentage |fl | ||
Revision as of 09:16, 7 October 2015
which version of powershell is installed
$PSVersionTable
hibernate
powercfg.exe -h off
enable powershell
set-executionpolicy unrestricted
Configure network
- Static ip.
netsh interface ip set address name="Local Area Connection" static 192.168.122.41 255.255.255.0 192.168.122.1 1
- Dhcp
netsh interface is set address name="Local Area Connection" dhcp
- extract msi
msiexec /a "C:\software.msi" /qb TARGETDIR="C:\Folder"
restart network
route -f ipconfig /release ipconfig /renew arp -d * nbtstat -R nbtstat -RR ipconfig /flushdns ipconfig /registerdns
Profile
- Profile
C:\Users\abjorklund\AppData\Roaming\Microsoft\Windows\Start Menu
restart via rdesktop
CTRL + ALT + END
alternative shutdown
Shutdown with restart
shutdown /t 0 /r /f
Shutdown
shutdown /t 0 /s /f
logoff
shutdown /l /f
change password
Start a command prompt as administrator.
net user username password
is your account locked. bat file
@echo off :again date /t & time /t net user /domain mdinkel > c:\temp\mdinkel find "active" c:\temp\mdinkel timeout 10 goto again
Browse active dirctory structure
adsiedit.msc
time zone conversion
Here you can convert from Windows to unix time zones tz.
http://www.unicode.org/cldr/charts/latest/supplemental/zone_tzid.html
PowerShell
gc
Get-content. Print content of file.
gc c:\temp\file.txt
Set-content
Set-Content -path REMOTE\Filename.txt
Out-File
Out-File -Encoding UTF8
replace text in file
Get-Content REMOTE\Filename.txt | foreach-object { $_ -replace "OLD", "NEW" } | Set-Content REMOTE\Filename.txt
get-service
get-service ipeventwatcher
stop-service
stop-service ipeventwatcher
restart-service
restart-service ipremote -force
start-service
start-service ipeventwatcher
variable
Set variable to content of file.
$a = gc IPremote.exe.config
md5sum
[CmdletBinding(SupportsShouldProcess=$False)]
param([string]$File)
function Get-Checksum([string]$strInFile)
{
$objCrypto = New-Object "System.Security.Cryptography.MD5CryptoServiceProvider"
$objFile = Get-Item $strInFile
$objStream = $objFile.OpenRead()
$objBytes = $objCrypto.ComputeHash($objStream)
$strChecksum = ""
foreach($objByte in $objBytes) {
$strChecksum += $objByte.ToString('x2')
}
$objStream.Close() | Out-Null
return $strChecksum
}
$strFileToCheck = $File
if(Test-Path($strFileToCheck)) {
Get-Checksum $strFileToCheck
}
tcp connect
nc
(New-Object Net.Sockets.TcpClient).Connect("81.236.32.200",80)
grep
gc IPremoteDebug.log | select-string "ip2date"
grep recursive
dir -Recurse | Select-String -pattern "192.168.19.102"
list processes
Get-Process
clear content
Clear-Content filename.doc
dir recursive
dir /a/s/b filename.txt
dir recursive
'Get-ChildItem "c:\program files\" -rec | ForEach-Object -Process {$_.FullName}'
dir filename size
'get-childitem "C:\Program Files\directory" -rec | where {!$_.PSIsContainer} | select-object Name, Length'
dir human readable file size
function
Function Format-FileSize() {
Param ([int]$size)
If ($size -gt 1TB) {[string]::Format("{0:0.00} TB", $size / 1TB)}
ElseIf ($size -gt 1GB) {[string]::Format("{0:0.00} GB", $size / 1GB)}
ElseIf ($size -gt 1MB) {[string]::Format("{0:0.00} MB", $size / 1MB)}
ElseIf ($size -gt 1KB) {[string]::Format("{0:0.00} kB", $size / 1KB)}
ElseIf ($size -gt 0) {[string]::Format("{0:0.00} B", $size)}
Else {""}
}
command
Get-ChildItem | Select-Object Name, @{Name="Size";Expression={Format-FileSize($_.Length)}}
base64
decode base64 string
[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("YmxhaGJsYWg="))
troubleshooting network
netstat -ano | findstr <ipremote-pid>
diff
Compare two files.
compare-object (get-content one.txt) (get-content two.txt)
log file. Eventlog
List event logs.
Get-EventLog -list
List evnts in a log.
Get-EventLog -LogName IPremoteLog
List events sins date.
Get-EventLog -LogName Application -after "den 5 november 2014 10:00:00"
date
Get-Date
full output
Print all variable with full output
'(Get-Variable).StdOut'
Send output to line like the following to get more output.
| Ft -autosize | out-string -width 4096
restart services via samba
install samba-common
yum install samba-common
List services.
net rpc service list -I IPADDRESS -U USERNAME%PASSWORD
Stop service.
net rpc service start ipremote -I IPADDRESS -U 'user%password'
Start service.
net rpc service start ipeventwatcher -I IPADDRESS -U 'user%password'
Windows version
[System.Environment]::OSVersion.Version http://msdn.microsoft.com/en-us/library/windows/desktop/ms724833%28v=vs.85%29.aspx (Get-WmiObject -class Win32_OperatingSystem).Caption
Is proxy bypassed
$url = "http://10.127.12.10";$webclient = New-Object System.Net.WebClient; $webclient.Proxy.IsBypassed($url)
curl
(Invoke-WebRequest http://localhost/Requests -UseBasicParsing).content
turn of index services when computer is not used
In stopindexer enter the line
net stop wsearch
In the startindexer enter the line
net start wsearch
robocopy(backup)
robocopy C:\Users\user_name\Documents h:\backup\user_name /e /mir /np /log+:c:\temp\backup_log.txt
number of cpus
Get-WmiObject -class Win32_processor | ft systemname,Name,DeviceID,NumberOfCores,NumberOfLogicalProcessors, Addresswidth
cpu_usage
Get-Counter '\Process(*)\% Processor Time'| Select-Object -ExpandProperty countersamples | Select-Object -Property instancename, cookedvalue| Sort-Object -Property cookedvalue -Descending| Select-Object -First 20| ft InstanceName,@{L='CPU';E={($_.Cookedvalue/100).toString('P')}} -AutoSize | Ft -autosize | out-string -width 4096
Get-WmiObject win32_processor | select LoadPercentage |fl
Sort processes by mem usage.
get-wmiobject WIN32_PROCESS | Sort-Object -Property ws -Descending|select -first 20|Select processname, @{Name="Mem Usage(MB)";Expression={[math]::round($_.ws / 1mb)}},@{Name="ProcessID";Expression={[String]$_.ProcessID}},@{Name="UserID";Expression={$_.getowner().user}} | Ft -autosize | out-string -width 4096
disk usage
Get-PSDrive
tail
Get-Content [filename] | Select-Object -Last 10
wc count lines
Get-Content C:\temp\ERRORLOG.5 | Measure-Object -line
disable firewall
From the command line
netsh advfirewall set allprofiles state off
Using Powershell
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
add administrative user
Create user
net user /add root [password]
This creates the user account.
net localgroup administrators root /add
Which process is using port
# Which process is using port. netstat -nao | findstr :22 TCP 0.0.0.0:22 0.0.0.0:0 LISTENING 1916 # Which process has pid. get-process | findstr 1916 355 40 48752 56056 621 6,45 1916 PowerShellServer # which process has pid. tasklist | findstr 1916 PowerShellServer.exe 1916 Services 0 56.072 K