?

Log in

No account? Create an account
entries friends calendar profile adric.net Previous Previous Next Next
Longhorn: the secret to server core .. revealed! - nil.enroll(aetheric_username, quantum_class_id)
yljatlhQo'! QIch lo'laltbebej!
adric
adric
Longhorn: the secret to server core .. revealed!

c:\Windows\System32>cscript SCregEdit.wsf /?

===usage===
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.

Automatic Updates - Manage Automatic Windows Updates
These settings can be used to configure how Automatic Updates are applied to
the Windows system. It includes the ability to disable automatic updates and
to set the installation schedule.

/AU [/v][value]

        /v      View the current Automatic Update settings
        value   value you want to set to.

        Options:
        4 - Enable Automatic Updates
        1 - Disable Automatic Updates


Terminal Service - Allow Remote Administration Connections
This allows administrators to connect remotely for administration purposes.

/AR [/v][value]

        /v      View the Remote Terminal Service Connection setting
        value   (0 = enabled, 1 = disabled)


Terminal Service - Allow connections from previous versions of Windows
This setting configures CredSSP based user authentication for
Terminal Service connections

/CS  [/v][value]

        /v      View the Terminal Service CredSSP setting
        value   (0 = allow previous versions, 1 = require CredSSP)


IP Security (IPSEC) Monitor - allow remote management
This setting configures the server to allow the IP Security (IPSEC) Monitor to
be able to remotely manage IPSEC.

/IM [/v][value]

   /v   View the IPSEC Monitor setting
        value   (0 = do not allow, 1 = allow remote management)


DNS SRV priority - changes the priority for DNS SRV records
This setting configures the priority for DNS SRV records and is only useful
on Domain Controllers.
For more information on this setting, search TechNet for LdapSrvPriority

/DP [/v][value]

   /v   View the DNS SRV priority setting
        value   (value from 0 through 65535. The recommended value is 200.)

This allows administrators to connect remotely for administration purposes.

/AR [/v][value]

        /v      View the Remote Terminal Service Connection setting
        value   (0 = enabled, 1 = disabled)


Terminal Service - Allow connections from previous versions of Windows
This setting configures CredSSP based user authentication for
Terminal Service connections

/CS  [/v][value]

        /v      View the Terminal Service CredSSP setting
        value   (0 = allow previous versions, 1 = require CredSSP)


IP Security (IPSEC) Monitor - allow remote management
This setting configures the server to allow the IP Security (IPSEC) Monitor to
be able to remotely manage IPSEC.

/IM [/v][value]

   /v   View the IPSEC Monitor setting
        value   (0 = do not allow, 1 = allow remote management)

DNS SRV priority - changes the priority for DNS SRV records
This setting configures the priority for DNS SRV records and is only useful
on Domain Controllers.
For more information on this setting, search TechNet for LdapSrvPriority

/DP [/v][value]

   /v   View the DNS SRV priority setting
        value   (value from 0 through 65535. The recommended value is 200.)


DNS SRV weight - changes the weight for DNS SRV records
This setting configures the weight for DNS SRV records and is only useful
on Domain Controllers.
For more information on this setting, search TechNet for LdapSrvWeight

/DW [/v][value]

   /v   View the DNS SRV weight setting
        value   (value from 0 through 65535. The recommended value is 50.)


Command Line Reference
This setting displays a list of common tasks and how to perform them from
the command line.

/CLI
and /CLI yields: ===CS CLI QuickRef===
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.

To activate:
     Cscript slmgr.vbs -ato

To use KMS volume licensing for activation:
     Configure KMS volume licensing:
          cscript slmgr.vbs -ipk [volume license key]
     Activate KMS licensing
          cscript slmgr.vbs -ato
     Set KMS DNS SRV record
          cscript slmgr.vbs -skma [KMS FQDN]

Determine the computer name, any of the following:
     Set c
     Ipconfig /all
     Systeminfo.exe or Hostname.exe

Rename the Server Core computer:
     Domain joined:
          Netdom renamecomputer %computername% /NewName:new-name /UserD:domain-u
sername /PasswordD:*
     Not domain joined:
          Netdom renamecomputer %computername% /NewName:new-name

Changing workgroups:
     Wmic computersystem where name="%computername%" call  joindomainorworkgroup
 name="[new workgroup name]"

Install a role or optional feature:
     Start /w Ocsetup [packagename]
     Note: For Active Directory, run Dcpromo with an answer file.

View role and optional feature package names and current installation state:
     oclist

Start task manager hot-key:
     ctrl-shift-esc

Logoff of a Terminal Services session:
     Logoff

To set the pagefile size:
     Disable system pagefile management:
          wmic computersystem where name="%computername%" set AutomaticManagedPagefile=False
     Configure the pagefile:
          wmic pagefileset where name="C:\\pagefile.sys" set InitialSize=500,MaximumSize=1000

Configure the timezone, date, or time:
     control timedate.cpl

Configure regional and language options:
     control intl.cpl

Manually install a management tool or agent:
     Msiexec.exe /i [msipackage]

List installed msi applications:
     Wmic product

Uninstall msi applications:
     Wmic product get name /value
     Wmic product where name="[name]" call uninstall

To list installed drivers:
     Sc query type= driver

Install a driver that is not included:
     Copy the driver files to Server Core
     Pnputil -i -a [path]\[driver].inf

Rename a Network Adapter:
     netsh interface set interface name="Local Area Connection" newname="Private Network"

Disable a Network Adapter:
     netsh interface set interface name="Local Area Connection 2" admin=DISABLED

Determine a file's version:
     wmic datafile where name="c:\\windows\\system32\\ntdll.dll" get version

List of installed patches:
     wmic qfe list

Install a patch:
     Wusa.exe [patchame].msu /quiet

Configure a proxy:
     Netsh winhttp set proxy [proxy_name]:[port]

Add, delete, query a Registry value:
     reg.exe add /?
     reg.exe delete /?
     reg.exe query /?
Ref, say, http://support.microsoft.com/kb/555964 or hundreds of other things Google turns up once you know SCregEdit.wsf

Tags:
Current Location: NOC

4 comments or Leave a comment
Comments
mangosteen From: mangosteen Date: June 15th, 2008 12:34 pm (UTC) (Link)
That looks frighteningly useful and informative.

Is that even allowed by MSFT, or was this some rogue developer who got fed up? :)
adric From: adric Date: June 15th, 2008 11:43 pm (UTC) (Link)

Well, he/they work there...

but the rest I'm afraid is someone else's tale to tell.

It genuinely looks like some of their more recent hires implemented a complete and featureful command line interface in the XP-2008 cycle. It's pretty cool if really quirky and unstandarized (cf the wsf script with all of the magic in it) .. and I'm not even really trying to puzzle out why they reimplemented so much of unix (findstr /v ??), shipped UNIX (SUA) as an OS feature, and (!) wrote their own weird and wonderful programmable shell even though they ship Perl, csh (in SUA), and VB. Oh and WSH, too. Wtf is cscript?

It's scary when they are making Gnome look consistent, but I'm happy to have the tools.

Check these links for more dirt:
"Built-in Windows commands to determine if a system has been hacked"
http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1303709,00.html

"More built-in Windows commands for system analysis"
http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1313370,00.html
10dimensions From: 10dimensions Date: June 15th, 2008 07:28 pm (UTC) (Link)
I was just thinking this exact thing earlier.
adric From: adric Date: June 15th, 2008 11:44 pm (UTC) (Link)

I'm so sorry if that's true..

hahahahah .. thanks hon that gave me a good chuckle!
4 comments or Leave a comment