Create a cmd alias/shortcut for issuing commands on remote computer

Before we begin, you must:

1) Open your text editor of choice and paste the following code:

C:\path\to\PSTools\PsExec.exe \\%1 cmd /c %2

Correct the path for PsExec.exe. Save it as rce.bat in the %windir%\system32 folder. If not permitted, save it elsewhere and copy it into the system32 folder manually (will probably show UAC prompt).

Fun fact: RCE is short for Remote Code Execution, typically the holy grail of vulnerability exploits

2) Actually there’s no more steps, you’re done.

Lets try it out. Open cmd.exe and run the following command:

rce computername ipconfig

Note that if the command uses several separated words, you must enclose it with ” ”

rce computername "net stats workstation"

 

You might also be interested in this other article showing you how to make a sudo-like command for opening an elevated command prompt:

Create a su command for Windows Command Prompt

Telnet alternative to check if port is open on host

Many people still use telnet (client) for checking if port is open on remote host.
The Powershell cmdlet Test-NetConnection is the new and improved tool for this and by creating a function alias in your profile settings you can have it easily available at any time without remembering the syntax.

1) Open Powershell profile
notepad $profile

2) Add script
function open([string]$arg1, [int]$arg2)
{
     Test-NetConnection -ComputerName $arg1 -Port $arg2 -InformationLevel Detailed
}

3) Save file and close/reopen the Powershell window

4) Test it in your powershell prompt by writing open google.com 80

Change Resize Mode for all VMs in RoyalTS 4

I just spent a ridiculous amount of time figuring out how to change default “Resize mode” for all VMs because it was too much work do it for every single RDP/VM connection. Old google results came up with various ways for setting a global setting, but it was nowhere to be found in RoyalTS version 4. So here’s another solution:

1) Open the folder in Dashboard view

2) Mark all of the VMs (CTRL+A if you will)

3) Right-click and choose Properties

4) Go to Display Options -> Bulk Edit -> Resize Mode

The Resize mode is now unlocked and will be changed for all the selected VMs

That’s it

 

Finding the source for locked AD account from Event Viewer log on Domain controller

It’s actually really simple, but you’ll need administrator access on the domain controller in order to read the security event log so you might have to consult upper sys admins.

It seems to not want to filter/sort by username though so if you’re managing a huge enterprise with thousands of users this could be a bit tedious. On the other side, if that’s the case I suppose you already have better tools for the job.

Anyway, all invalid login attempts are logged as event id 4776 (Credential Validation).

  1. Open Event Viewer and connect to domain controller
  2. Go to Windows Logs -> Security
  3. Click on Filter Current Log... in the right navigation menu
  4. Enter 4776 into the input field which says <All Event IDs>
  5. Browse through the invalid login attempts till you find the one which belongs to your user and look in the description text field where it says “Source Workstation:    hostname”

NiceHash hacked?

NiceHash has been down since this morning and people are beginning to go crazy. Rumours regarding a possible hacking incident has been increasing on /r/NiceHash after they noticed a bitcoin wallet has received over 4700 BTC from one of NiceHash’ wallets.

NiceHash reports on their twitter account they are down for maintenance. No official statement regarding the hacking accusations have been addressed so far.

See more details here: https://bitinfocharts.com/bitcoin/address/1EnJHhq8Jq8vDuZA5ahVh6H4t6jh1mB4rq

NiceHash is a marketplace where miners sell processing capacity for mining Altcoins (alternative cryptocurrency coins).

Experienced miners who have already started mining for other pools have statet that their profits have increased by x4-x5 because a lot of the NiceHash “miner-farms” are currently offline and driving the prices up.

Check out their reddit channel /r/NiceHash for updated news

Bash function to check if it’s friday

Ever wondered if today’s Friday? Yeah me too, every day.

Keep yourself updated with this simple function.

 

1) Open your profile settings file
nano ~/.bashrc

2) Enter the following function in the bottom

yay() {
    day=$(date +%u)
    if [ "$day" == "5" ];
    then
        echo "YAY, IT'S FRIDAY!!!"
    else
        echo "Not to bring you down, but it's not friday yet :("
    fi
}

3) Reload your config file
. ~/.bashrc

4) Try it out! Just type yay in your terminal window whenever you wonder if it’s Friday or not.

How to see server uptime on Windows and Linux

See uptime and average load information on Linux machines

Run command:uptime

Output:

kek@donald:~$ uptime
 08:17:33 up 293 days, 14:21, 1 user, load average: 0.00, 0.00, 0.00

 

Show uptime on Windows machines using net stats

AFAIK there is no command in Windows to quickly see the uptime. However, there are several commands to get the last boot time, although you’ll have to do a quick calculation if you need the uptime in days. The easiest/fastest method is to use net stats.

Run command: net stats srv

Output:

C:\Users\kek>net stats srv
Server Statistics for \\hostname

Statistics since 09.11.2017 00.02.28 # last boot/uptime

Sessions accepted 1
Sessions timed-out 0
Sessions errored-out 0

Kilobytes sent 1649
Kilobytes received 1181193

Mean response time (msec) 0

System errors 0
Permission violations 0
Password violations 0

Files accessed 329
Communication devices accessed 0
Print jobs spooled 0

Times buffers exhausted

Big buffers 0
 Request buffers 0

The command completed successfully.

 

 

Fix for Adobe Acrobat XI Pro Error “Failed to send a DDE command”

Adobe Acrobat XI Pro v11.0.19 would instantly crash when opening .pdf files and show the following error message:

Failed to send a DDE command

Issue seemed to be that Acrobat was already running another process which had crashed so after killing all Acro* processes it worked like usual again.

However, fast forward a few minutes and Acrobat started hanging again. We tried to do a repair install from the application list (appwiz.cpl) but it got stuck.

Finally we rebooted the computer… problem solved.