Sunday, October 21, 2018

Session Hijacking, Session_Hijacking, example



The service controller (sccommand is a rich command you can use to start, stop, and manipulate services from the command line. This allows you to perform many of 
the same functions from the command line as you can do via the Services console.

CommandDescription
 C:\>sc query
SERVICE_NAME: Netlogon
DISPLAY_NAME: Netlogon
        TYPE               : 20  WIN32_
SHARE_PROCESS
        STATE              : 4  RUNNING
                                (STOPPABLE,
PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
Lists all running services and drivers. The result on the left shows the results for a single service (the netlogon service), but the actual output shows details on all running services and drivers. The output can be quite extensive. Of course, you can capture the entire output with the redirect (>) symbol assc query > services.txt
Tip
The servicename shows the name of the service that you can use in other commands.
sc query state= all | inactive
C:\>sc query state= all
C:\>sc query state= inactive
Lists all servicesincluding servicesstopped, running, or paused.
Note
There is no space between state and =(state=), and there is a space between = and all (= all).

You can use state= inactive to list only services that are stopped or state= allto list all services, including those that are running and those that are stopped.

No comments:

Post a Comment

Remote Hybrid and Office work