CMD

Wireshark (TSHARK) from the CMD line.

· July 5, 2023 · Microsoft, CMD, Microsoft, Wireshark · , , , , , , , , , , , , , , , · No Comments

TShark is a command-line tool that comes bundled with Wireshark. It provides similar functionality to Wireshark but without the GUI. Below are some options for running TShark.

Make sure to add the Wireshark directory to your %Path% or run the command from the Wireshark folder under “Program Files”.

Basic TShark command:

tshark

To select and interface if you have more then one

tshark -i <interface_Name>

Capture packets to a file:

tshark -i <interface_name> -w captured.pcap

This command captures and saves them to the specified file “captured.pcap”

Read a Capture File:

tshark -r captured.pcap

This command reads the captured file “captured.pcap” and displays the packet information.

Filtering Packets:

You can apply disply filters to TShark to view specific packets. User the ‘-Y’ option followed by the filter expression.

tshark -r captured.pcap -Y "expression"

Replace “expression” with the desired filter such as “ip.addr == 192.168.0.1” to filter packets with a specific IP address.

Display summary information:

TShark can also display summary information about captured packets. User the ‘-z’ option followed by the summary type.

tshark -r captured.pcap -z "summary"

Replace “summary” with the desired summary type, such as ‘io,phs’ for the I/O and protocol hierarchy summary.

I will be adding more articles about Wireshark/TShark in the coming weeks, please stay tuned.

PowerShell script that uses Robocopy to copy files, verify source and destination and then sends an email on completion.

· June 24, 2023 · Microsoft, CMD, Microsoft, robocopy · , , , , , , , , · No Comments

Here is a basic PowerShell script to copy files also checking if the source and destination locations exist. PowerShell will then send an email if the Robocopy process completed successfully.

Example:

@echo off

set "source=C:\SourceFolder"
set "destination=\\RemoteServer\SharedFolder"
set "smtpServer=smtp.example.com"
set "sender=sender@example.com"
set "recipient=recipient@example.com"

REM Check if source folder exists
if not exist "%source%" (
    echo Source folder does not exist.
    exit /b
)

REM Check if destination folder exists
if not exist "%destination%" (
    echo Destination folder does not exist.
    exit /b
)

REM Check if destination is accessible
dir "%destination%" >nul 2>&1
if not %errorlevel%==0 (
    echo Destination folder is not accessible.
    exit /b
)

REM Perform the copy operation
robocopy "%source%" "%destination%" /E /COPYALL /R:3 /W:10 /MT

REM Check Robocopy exit code
if not %errorlevel%==0 (
    echo Robocopy encountered an error.
    exit /b
)

REM Send email notification
powershell.exe -ExecutionPolicy Bypass -Command "Send-MailMessage -From '%sender%' -To '%recipient%' -Subject 'Robocopy Complete' -Body 'Robocopy operation completed successfully.'"

exit /b

Let’s breakdown some of the variables in the script:

  • ‘source’: Path of the local source folder.
  • ‘destination’: Path of the remote destination folder.
  • ‘smtpserver’: SMTP server address for sending email.
  • ‘sender’: Email address of the sender.
  • ‘recipient’: Email address of the recipient.

So, after the Robocopy operation finishes, the script checks the Robocopy exit code, if the exit code is a success, the script will proceed to send and email using PowerShell ‘Send-EmailMessage’ cmdlet. Please feel free to customize it, you also might need to add variables for mail port and possible username and password of the email sender.

You will also need adjust the execution policy of PowerShell (‘Set-ExecutionPolicy Unrestricted’) if needed.

Copying Files With Robocopy

· June 20, 2023 · Microsoft, CMD, Microsoft, robocopy, Uncategorized · , , , , , , , , · No Comments

Robocopy (Robust File Copy) is a powerful command-line tool in Windows used for advanced file and folder copying operations. Robocopy provides more control and flexibility compared to copy commands like ‘copy’ or ‘xcopy’. Robocopy has is really useful for tasks such as mirrioring directories, backing up files, or syncing files/folders between different locations. I will provide you with some basic examples on how to use Robocopy today.

Basic Robocopy command:

robocopy <source> <destination>

This command copies files and sub-directories from the source directory to the destination directory.

Example:

robocopy C:\SourceFolder D:\DestinationFolder

This command copies all files and sub-directories from ‘C:\SourceFolder’ to ‘D:\DestinationFolder’

Mirror a directory:

robocopy <source> <destination> /MIR

The ‘/MIR’ option mirrors the source directory to the destination directory, which means it copies files and sub-directories and also removes any files or directories in the destination that no longer exist in the source.

Example:

robocopy C:\SourceFolder D:\DestinationFolder /MIR

This commands mirrors ‘C:\SourceFolder’ to ‘D:\DestinationFolder’, copying any new or changing files and deleting any files or directories in the destination that don’t exist in the source.

Copy files in restartable mode:

robocopy <source> <destination> /Z

The ‘/Z’ option enables restartable mode, which allows the copying process to resume from the point of it was interrupted.

Example:

robocopy C:\SourceFolder D:\DestinationFolder /Z

Like the examples above this command copies files from ‘C:\SourceFolder’ to ‘D:\DestinationFolder’ but this time it’s in a restartable mode.

The last example for today is how to just copy new or changed files, which will prevent files in the destination directory from being overwritten. So only files that are newer or don’t exist are going to exist in the destination folder.

Copy only new or changed files:

robocopy C:\SourceFolders D:\DestinationFolder /XO

I will start adding some advanced methods I use Robocopy for in a production environment, but this tool is just so handy for even backing up personal computers to a NAS or other storage device. Thanks for reading and have a wonderful day!

3 Ways to Map a Network Drive

· June 20, 2023 · Microsoft, CMD, Microsoft · , , , , , , , , , · No Comments

Here are three methods specifically for mapping a network drive on a Windows machine.

Using File Explorer

  • Open File Explorer by pressing Win + E.
  • Click on “This PC” in the left sidebar.
  • In the top menu, click on “Map Network Drive”.
  • Choose a drive letter from the drop down menu.
  • In the “Folder” field, enter the network path of the shared folder you want to map.
  • Check the box “Reconnect at sign-in” if you want the map drive to be connecting after you reboot the computer.
  • Click “Finish” to complete the drive mapping.

Command Prompt:

  • Open Command Prompt by pressing Win + R, typing “cmd” and pressing Enter.
  • In the Command Prompt window, type the following command and press Enter.
net use <drive-letter>: \\server\sharedfolder

Replace <drive-letter> with the letter you want to assign to the network drive (e.g., Z:), and \\server\sharedfolder with the actual network path.

  • If prompted, provide the username and password for the network location.
  • The network drive should now be mapped and accessible through the drive letter you have chosen.

Powershell:

  • Open PowerShell by pressing Win + X and selecting “Windows Powershell” or “Windows PowerShell (Admin).”
  • In the PowerShell window, type the following command and press Enter.
New-PSDrive -Name <drive-letter> -PSProvider FileSystem -Root \\server\sharedfolder
  • If Prompted, provide the username and password for the network location.
  • The network drive should now be mapped and available through the drive letter you have chosen.

I have provided you with some ways of mapping a network drive on a Windows system, but remember to replace \\server\sharedfolder with the actual network path you would like to map.

Website Powered by WordPress.com.