Nopey - system setting tool: Difference between revisions
Revision as of 11:23, 22 April 2005
Links
Nopey.zip (54 KB)
Description
I've got a nifty little tool called "Nopey", which was made in my "naughty years" on the internet. It is quite versatile and easy to use. It's basically an executable file which can be used to control the user's computer in many ways. You can also gather a lot of info from the user's system. nsExec should be used to call it. I also included a little demo which shows you some very basic functions. Here is the command list:
Commands
info, zip, list, kill, char, color, mode, sysreboot, sysdown, sysabort, net, logoff, poweroff, reboot, shutdown, cd, winamp, monitor, vol[ume], regdump, child, ser[vice], err[code], dump, copy, sync, pause, resume, sleep, show, hide, nc, runas, tweak
" <commad>/? " to get help about options and details

info: system information
  info system - basic system information
  info os - OS information
  info cpu - processor type, features, speed and other characteritics, plus Intel and AMD cpu specific information, if available
  info memory - memory usage
  info snd - show basic mixer controls (left and right volume settings)
  info sndtree - show mixer controls tree and current controls settings (includes name, ID, current value and acceptable range)
  info video - list video modes (win9x does not show display freqs)
    for windows 9x, don't use it in text fullscreen mode
  info ddraw - list DirectDraw video modes
  info ide [caps] - list IDE ATA/ATAPI devices [show capabilities & timings]
    note: when in 9x mode, program hacks GDT, so disable AV-monitors and other GDT-protecting software
  info cd - identify all installed CD-ROMs (9x: GDT is also used)
  info part[itions] - list partition tables on fixed drives (nt only)
  info disk [X:]* - info about disk(s)

zip: control ZipMagic state. this does not require ZMCMDLN.EXE
  zip 0 - disable ZipMagic
  zip0 - disable ZipMagic
  zip 1 - enable ZipMagic
  zip1 - enable ZipMagic
  before enabling ZipMagic programs tries to load ZM32 or ZM32NT if they are not loaded.
  on windows nt program starts ZMNTMON service and handles 'ShutDown' key in registry for skipping message 'ZipMagic was not shutdown correctly'

list: list system objects
  list - show processes
  list threads [<procname>] - show threads
  list dlls [<procname>] - show loaded DLLs [in specified process]
    note: relocated DLLs bases displayed with '*'
  list map [<procname>] - process memory map (nt: show mapped files)
  list vars [<procname>] - show process variables and environment (nt)
  list res [<procname>] - show used resources for process (nt)
  list drivers - show loaded drivers (nt)
  list objects [-r] [<root>] - list nt kernel objects [recurse]
  list files [<procname>] - show opened files (9x)
  list handles [-n] [-f] [-t:<obj>] [<procname>] - show used handles (nt)
  list pipes - list pipes (nt)
  list mailslots - show mailslots (nt)

kill: terminate process
  kill <processname> - terminate process by name (may specify only some first chars of name)
    note: all instances of process.exe will be killed
  kill 0x78 - terminate process by ID (hex)
  kill 120 - terminate process ID (dec)
  it's possible to terminate several processes in one time, ex:
    kill proc1.exe proc2.exe
  shortcuts:
    ke - kill explorer.exe
    kd - kill ntvdm.exe

char: print OEM/ANSI code tables

color: print color map

mode: show/change display mode
  mode - show current display mode
  mode [-test] [-permanent] xx [yy [c [fq]]]
  mode xx - set horizontal resolution to xx, autodetect vertical resolution
  mode xx yy - set resolution to xx*yy
  mode xx yy c - set resolution to xx*yy and color depth to c bits
  mode xx yy fq - set resolution, color depth and monitor frequency
  examples:
    mode 800 - set 800x600, leave same color depth
    mode 1024 768 16 - set 1024x768, high color
    mode 640 480 8 75 - set 640x480, 256 colors, 75 herz
    mode -test 1280 - try 1280x1024
    mode -permanent 1024 - set 1024x768 as default video mode for current user
  note: see 'ws info video' to get list of supported modes
  note for windows 9x: don't use it in text fullscreen mode

sysreboot: remote shutdown (NT only)
  sysreboot n - reboot local machine after n seconds
  sysreboot n <computer> - reboot computer after nn seconds
  sysreboot n <computer> <msg> - reboot computer and display message
  sysdown n - shutdown local machine after nn seconds
  sysdown n <computer> - shutdown computer after nn seconds
  sysdown n <computer> <msg> - shutdown computer and display message
  sysabort - stop shutdown or reboot on local machine
  sysabort <computer> - stop shutdown or reboot on computer
  examples:
    sysdown 0 - shutdown windows now
    sysreboot 300 \\SERVER "you have 5 minutes, user!" - reboot \\SERVER after 300 seconds
  note: you must have enough access rights to computers in network
  hint1: NOBODY can start new shutdown, if there is active one
  hint2: almost all users have privileges to start/stop local shutdowns

net: network commands
  net view - view network resources
  note: this command is under development for now

exit windows: logoff | reboot | shutdown | poweroff [-force]
  logoff - end windows session
  reboot - reboot the computer
  shutdown - shutdown the computer
  poweroff - shutdown and turn power off
  use flag -force to terminate programs without notifications

cd: control CD-ROM
  cd - show disk info and tracklist (uses cdplayer.ini)
  cd driveinfo - show drive low-level info
  cd speed <n> [-k[h]] - set maximum spindle speed (and keep [hide console])
  cd play - play audio CD
  cd play <nn> - play audio CD from track nn
  cd play <nn:mm:ss> - play audio CD from track nn and time mm:ss
  cd pause - pause CD-Audio
  cd resume - resume CD-Audio from pause (win2k only)
  cd stop - stop playing, stop disk in drive
  cd eject | open - open drive door and eject disk
  cd load | close - load disk and close drive door
  cd grab - grab cd audio (nt)
    'ws cd grab /?' for more help
  note: you can append CD-ROM drive letter after command 'cd', ex:
    cd D: - show info about disk in drive D:
    cd E: eject - eject disk from CD-ROM drive E:

winamp: console interface for winamp
  winamp - show winamp version, status and song information
  winamp clear - clear winamp playlist
  winamp list - show playlist. current song is highlighted
  winamp play - play current song
  winamp play NN - play song number NN
  winamp stop - stop playing
  winamp pause - pause/unpause winamp
  winamp next - play next song
  winamp prev - play previous song
  winamp restart - restart from first song
  winamp fadeout - smooth stop
  winamp last - stop after finishing current song
  winamp close - unload winamp, save settings and playlist
  winamp volume - set sound volume (in percents)
  winamp file <file|dir>+ - add files or directories to playlist
  winamp playfile<file|dir>+ - add files to playlist and play them

monitor: switch monitor to low power consuming mode
  monitor suspend - suspend mode
  monitor doze | standby - standby mode
  monitor on - normal mode
  monitor poweroff - switch power off (not supported by most monitors)

volume: change sound volume and mixer controls settings
  volume - display master volume
  volume master=<nn> - set master output volume (in percents)
  volume midi=<nn> - set midi output volume
  volume wave=<nn> - set wave output volume
  volume <control_ID>=nn - set volume control state (see 'ws info sndtree' for acceptable IDs and values)
  examples:
    vol master=100 - set full master volume
    volume midi=50 - set volume for midi0 device to 50%
    volume midi2=0 - mute second midi device
    volume 0001=1 - mute all sounds

regdump: dump registry to files, use it to defragment registry
  note. if you can't access some hives, try this:
    ws child -u winlogon.exe ws regdump

D:\haxor>nopey child /?
child: make child process from a given process (nt only)
  (new process inherits security context of old process)
  child [-u] [-d:Desktop] <hostprocess> <newprocess> [parameters]
  switches:
    -u - use alternative method (undocumented functions)
    -d:<Desktop> - run process on specified desktop (inherited from hostprocess by default, use -d to set 'WinSta0\Default')
  example:
    child -d winlogon cmd.exe - start shell with system privileges
  note: you need SeDebugPrivilege, so it's not an exploit
  note: you may use PID for hostprocess like as in 'kill' command

service: control windows nt services
  service list [<options>*] - list services
  service start <service><args> - start service
  service stop <service> - stop service
  service pause <service> - pause running service
  service cont[inue] <service> - resume paused service
  service remove <service> - remove service
  service install [<service>] <fullpath> - install service
  options for list:
    -k - include kernel drivers
    -fs - include filesystem drivers
    -w32 - include win32 services
    -r - list running services
    -s - list stopped services
    -p - list paused services
    -n - disable color output
    <name> - show details about service
    * - details about all services
  note: you can add computer name, username and password before subcommand:
    service \\test Administrator * start ntice - query password
    service \\ws12 Test 123 list - use account of 'Test'

errcode: display error message corresponding to win32 error code
  errcode <errcode> - message corresonding win32 error code
  errcode nt:<errcode> - message corresonding NTSTATUS code
  examples:
    errcode 0x20 - hex error code
    errcode 32 - decimal error code
    errcode 4D5 - hex error code
    errcode nt:0x8000002 - NTSTATUS code

dump: save process memory to disk (rip decrunched data)
  dump [<options>*] <process_name> - save process data
  options:
    -r - save readonly data too (default: only read/write)
    -s - save to single file (for automatic rippers)
    -i - save data belongs to images too (default: private and mapped only)
         (this flag is always set in 9x)

copy: copy file or object (nt only)
  copy [switches] <source-names> <destination>
  switches:
    -block=nnnn - buffer size
    -max=nnnn - copy not more then nnnn bytes from each file
    -so=nnnn - read source from specified offset (<4Gb)
    -do=nnnn - write to destination from specified offset (<4Gb)
    -a - append source to destination
    -r - no read caching
    -w - no write caching
    -k - any key stops copy
    -t - truncate destination at end of data
  special names for source and destination:
    hd0, hd1, ... - physical drives
    pt0, pt1, ... - partition table of physical drive
    a: b: ... - logical drives
    bta, btb, ... - boot sector of drive
    cd0, cd1, ... - cd-roms
    zero - /dev/zero (source)
    rnd - pseudo-random data (source)

sync: flush disk write cache
  sync - flush all fixed disks
  sync [drive:]* - flush specified drives

pause: pause process or thread (nt)
  pause [processname|pid]* - pause all threads of process
  pause -t:<tid>* - pause thread

resume: resume process or thread (nt)
  resume [processname|pid]* - resume all threads of process
  resume -t:<tid>* - resume thread

sleep: do pause
  sleep <nn> - pause for <nn> msec

show: show top-level windows
  show -p <processname> - show all process windows
  show <windowtitle_substring> - show windows with certain title

hide: hide top-level windows
  hide -p <processname> - hide all process windows
  hide <windowtitle_substring> - hide windows with certain title

nc: netcat utility
  nc [<switches>] [host][:port] [<switches>]
  switches:
    -r - reconnect/relisten after closing connection
    -hi - hide input stream
    -ho - hide output stream
    -l:<file> - log to file
    -c<nnnn> - use codepage nnnn
  when no hostname given, program goes to listen mode

runas: create process in another security context (nt only)
  runas [-a] [domain\]user[:password] process [params]*
  switch -a means 'use alternative (NT4 style for 2k, 2k style for NT4) method'
  when no password specified, it's queried
  for windows NT4, you need a SeDebugPrivilege

tweak: change various hidden configuration settings
  tweak cpu [wa:0|1] [dp:0|1] [ewbe:0|1|2|3] - set cpu mode for K6,K6-2,K6-3
    wa: write allocation, dp: data prefetch, ewbe: write ordering (0-compatible, ..., 3-fastest)
    default is max performance (wa:1 dp:1 ewbe:3)
  tweak vdm [<low> <hi>] - allow DOS VDM to access ports range (win 2000 only)
    default is 0x388 0x38F (adlib ports) - dos progs can play adlib music
As this app can also do a lot of damage to a system, I would like to add that I am in no way responsible for anything you do with it. Some functions might reboot your computer or even worse, if used in the wrong way, so be warned. Aside from this, if you do use its potential in a non-harming way, it saves you a lot of headaches and script fumbling :)
have fun,
doberlec
P.S. The cmd-list given here is all you get from me documentation-wise.
Page author: doberlec