Category Archives: Commands

PowerShell tips – part 005.

This is another tutorial about PowerShell tips and one powershell command: Get-WindowsOptionalFeature .
Start by using the windows key and try to find the powershell by typing : powershell.
When you see it use right-click the Windows PowerShell and select Run As Administrator from the action menu.
This will open the PowerShell command shell.
Use this command to see all information about the status of the optional Windows features: enabled, disabled, or otherwise:

To have a better view you can use this options:

The where state -eq enabled will show us all features are enabled.
The last part us ft is an alias for Format-Table and –a is the partial parameter for autosize .
You can use PowerShell_ISE to start powershell editor , save the new file named: OptionalFeatures.ps1 .
Into this file you can add the command :

The last part is to run like Administrator this powershell script:

Posted in All, Commands, PowerShell, Windows 10. Tagged with , , , , , .

Error: 0x80070005 from w32tm

I have locked the time on windows with the w32tm command. After I got through 2015 I had to update my Windows time. Although I have the same error at w32tm, here’s how we solved the problem:

Posted in All, Commands, Windows 10. Tagged with , , , , .

How to protect from mass ransomware attack.

On Windows 10, start by pressing Windows key + X, selecting PowerShell (Admin), and pasting the following code:

The SMB1 is an old protocol. More recent versions are not vulnerable to the WanaCryptor 2.0 variant.

Posted in All, Commands, PowerShell, Windows 10. Tagged with , , , , .

Linux: Display or change a pre-login message .

Open file /etc/issue and change the text:

You can use this to add some new infos or ascii image.
The images can be transform into ascii image by using convert image to ascii.
One example to convert a picture into ASCII TEXT,HTML is this website: picascii.com
The main problem can be if you have escape codes consist of a backslash (\) immediately followed by one of the letters explained below:

\b : Insert the baudrate of the current line.
\d : Insert the current date.
\s : Insert the system name, the name of the operating system.
\l : Insert the name of the current tty line.
\m : Insert the architecture identifier of the machine, eg. i486
\n : Insert the nodename of the machine, also known as the hostname.
\o : Insert the domainname of the machine.
\r : Insert the release number of the OS, eg. 1.1.9.
\t : Insert the current time.
\u : Insert the number of current users logged in.
\U : Insert the string “1 user” or “ users” where is the number of current users logged in.
\v : Insert the version of the OS, eg. the build-date etc.

Posted in All, Commands, Linux. Tagged with , , , .

The ASSOC command and scam using (MS-)DOS* Attack

If you want to know which file is associated with which program then we can do this by typing the following command

ASSOC is a command that displays the program and/or functionality ASSOCiated with a specific file type.
The intended victim was influenced by recent reports relating to the recent Internet Explorer bug into believing that it was possible that his machine had been infected as a consequence of that bug, and the scammer used the old ASSOC trick to convince him that one of the lines displayed by ASSOC showed his computer’s ‘unique ID’.
See example:
.ZFSendToTarget=CLSID\{xxx…}
Typical ASSOC output: the string the scammers like to use is flagged in red color.
This log entries as something more serious in order to persuade the intended victim to install remote access software such as AMMYY or TeamViewer / LetMeIn to allow the scammer to access the victim’s machine.

Posted in All, Commands, Windows 10. Tagged with , , , .