Windows Knowledge
1 GRUB简介
1.1 MBR和PBR
MBR分为GRUB.MBR和DOS.MBR。
由于硬盘上扇区从偏移0到偏移62属于同一个磁道0,虽然DOS.MBR仅占用一个扇区,但是需要将DOS.MBR后面的偏移1到偏移62保留,所以磁盘上第一个分区的第一个扇区是从偏移63开始的。fbinst软件会保留1-16064扇区,等于硬盘1个柱面的大小255 x 63 x 512 = 8MB,所以第一个分区是从扇区16065开始的。
USB-ZIP和USB-FDD会将U盘的第一个扇区格式化成DOS.PBR而不是DOS.MBR。
USB-FDD和USB-ZIP的来历:软盘的容量小,没有分区结构,所以软盘是没有MBR的,整个软盘只有一个分区,第一个扇区就是PBR;FDD和ZIP模式在DOS下启动后U盘的盘符是A。
1.2 GRUB
- GRUB又叫OS Loader;在Android系统上,kernelflinger是OS Loader的一个EFI应用
- GRUB镜像组成:GRUB.MBR(boot.img), 硬盘扇区offset 1 到offset 62放置GRUB的core.img,/boot分区的boot/grub/grub.cfg
1.3 创建USB-FDD或者USB-ZIP格式U盘步骤
1)Android上:dd if=/dev/zero of=/dev/block/sda bs=512 count=4
2)Windows上:快速格式化该U盘,这个U盘就只有PBR扇区而没有MBR扇区
2 Windows安装
2.1 BIOS设置
进入BIOS设置,一般有Del、Enter、Esc等键。
2.2 Windows ISO刻录方法
Windows上的Universal USB Installer工具软件:刻录操作系统ISO文件到U盘
Linux下将操作系统ISO文件刻录到U盘:dd if=xxx.iso of=/dev/sda 注意使用的是整个磁盘,所以用的是sda而不是sda1
2.3 Windows GHO镜像安装方法 - 比较常见
1) 制作PE启动U盘
2) 下载Windows ISO镜像后(番茄花园),解压出来,里面包含GHO文件,拷贝到PE启动U盘的GHO文件夹(或者提前将文件.gho拷贝入待装系统的电脑D盘根目录)。
3) 插入PE启动U盘到电脑USB 2.0口,选择从U盘启动,启动到PE界面后,选ghost方式安装,ghost镜像的后缀名.gho。
2.4 Win10临时关闭驱动签名
This PC - Advanced system settings - Advanced - Environment Variables
开始 - 设置 - 更新和安全 - 恢复 - 点击右边高级启动项下方的立即重启,进入高级启动 - 选择疑难解答 - 高级选项 - 启动设置 - 重启 - 再按数字键7或F7禁止驱动签名
期间可能要求输入Bitlocker Recovery Key,提前从如下的网址中获取,或者在别人电脑登录获取。
https://myaccount.microsoft.com/device-list
2.5 Printer
2.5.1 Printer
1)HP LaserJet M1005 MFP
2)Nantian PR9 并口-OKI仿真驱动
2.5.2 Canon TS308 Cartridge
CL-846S Color, PG-845S Black. CL stands for ChromaLife, PG stands for Pigment Based, 8 is for China market, S stands for small.
FINE: Canon Full-photolithography Inkjet Nozzle Engineering
PIXMA: PIxel Maximum and Power
SELPHY: do it yourSELf PHotographY
How to print without a color cartridge- Canon Pixma?
https://www.computerhope.com/forum/index.php?topic=105910.0
Having just experienced this same problem with another model (Pixma all in one) from Canon and talking with their tech support I can contribute the following. When ANY cartridge becomes either defective or empty you CANNOT use any of the other components of the device.
2.5.3 HP 803 Cartridge Pinout
CSYNC: Data group switching line
D1: yellow
D2: magenta
D3: cyan
DCLK, S1-S5: clock line
F3, F5: Print trigger line
TS: Thermal sensor
2.5.4 CPU
Canon uses Conexant SoC
Canon CP-200
NEC uPD703107: 32 bit 256 KB mask ROM in 2004
Cypress SL811HST
Epson REALOID (NEC 90nm)
2.5.5 WLAN module
Canon
ALPS ZE-5P3A, based on marvell 88W8782
Canon MG7780
Canon USB WLAN K30365, based on Marvell 88W8801
Ricoh SP 150SUw
USB WLAN WN4616L, based on RTL8192EU
3 Windows网络
3.1 CMD方式配置IP地址
:: netsh: Network Shell
@echo off
if [%1] == [] (
echo "Usage:"
echo "WIN_IP.bat static"
echo "WIN_IP.bat dhcp"
echo "WIN_IP.bat speed"
goto :EOF
)
if %1 == static (
call :static_ip 192.168.0.100
) else if %1 == dhcp (
call :dhcp_ip
) else if %1 == speed (
call :nic_speed
)
goto :EOF
:static_ip
set name="Ethernet"
set ip=%~1
set mask=255.255.255.0
:: gwmetric=1
echo "setting static ip address..."
netsh interface ipv4 set address %name% static %ip% %mask% none 1
:: netsh interface ipv4 set dns %name% static 114.114.114.114
:: netsh interface ipv4 add dns %name% 8.8.8.8
:: Device Manager - Network adapters - Properties - Advanced - VLAN ID
PowerShell Get-NetAdapter
PowerShell Set-NetAdapterAdvancedProperty -Name %name% -DisplayName \"VLAN ID\" -DisplayValue 60
goto :EOF
:dhcp_ip
set name="Ethernet"
echo "setting dhcp..."
netsh interface ipv4 set address %name% dhcp
netsh interface ipv4 set dns %name% dhcp
PowerShell Reset-NetAdapterAdvancedProperty -Name %name% -DisplayName \"VLAN ID\"
goto :EOF
:nic_speed
wmic NIC where NetEnabled=true get Name, Speed
3.2 DNS查询流程
1) 现有的DNS缓存
ipconfig /displaydns
2) 查询hosts文件
C:WindowsSystem32driversetchosts
3) 请求发往DNS服务器
ipconfig /all
3.3 firewall
appwiz.cpl
msconfig
wf.msc
Inbound Rules and Outbound Rules
Enable 4 File and Printer Sharing (Echo Request - ICMPv4-Out)
netsh advfirewall firewall add rule name="UDP ports" protocol=UDP dir=in localport=8080 action=allow
https://github.com/DynamoRIO/drmemory/wiki/Downloads
3.4 Multicast
- Windows组播client需要使用setsockopt()设置IP_ADD_MEMBERSHIP(加入指定的组播组)才能接收组播server发送的数据。
- 组播MAC地址是指第一个字节的最低位是1的MAC地址。
- 组播MAC地址的前3个字节固定为01:00:5e,后3个字节使用组播IP的后23位。例如239.192.255.251的MAC地址为01:00:5e:40:ff:fb。
- Windows 10 Wireshark要抓取SOME/IP组播报文,需要使用SocketTool工具监听239.192.255.251:30490,然后Wireshark才会显示组播报文,否则不显示(Windows netmon不需要任何设置,就可以抓到全部报文)。
netsh interface ip show joins
Win 10 PowerShell:
Get-NetAdapter | Format-List -Property ifAlias,PromiscuousMode
In Linux, map IP addr to multicast MAC is function ip_eth_mc_map(), kernel eventually calls driver ndo_set_rx_mode() to set multicast MAC to NIC RX MAC filter table.
3.5 NAT
查看当前机器的NAT端口代理表:
netsh interface portproxy show all
1) 第三方软件PortTunnel。
2) ICS(Internet Connection Sharing)是NAT的简化版。
3) showcase: USB Reverse Tethering
3.6 route命令用法
route [-f] [-p] [command [destination] [mask netmask] [gateway] [metric metric] [if interface]]
route print
::增加一条到192.168.0.10/24网络的路由,网关是192.168.0.1,最后一个if参数是数字,可以使用route print查询,类似于Android的NetId。
route add 192.168.0.0 mask 255.255.255.0 192.168.0.1 metric 1 if 11
::删除192.168.0.10这条路由
route delete 192.168.0.0
3.7 WiFi AP
1) get password
netsh wlan show profiles
netsh wlan show profiles name="FAST_ABCD" key=clear
2) enable Soft AP
netsh wlan show drivers
::netsh wlan set hostednetwork mode=allow
netsh wlan set hostednetwork mode=allow ssid=myWIFI key=12345678
netsh wlan start hostednetwork
::netsh wlan stop hostednetwork
3.8 Malicious software
Task Manager
Find process name, open file location, remove xxx.exe, rename empty xxx.txt to xxx.exe
4 Office
4.1 Excel
4.1.1 插入符号
Insert
Symbol
More Symbols
Wingdings 2
4.1.2 excel百分比的计算
删除数字之间的空格:fx=SUBSTITUE(C2, " ", "")
选中一个单元格,找到行的坐标,譬如C2和B2,则percent的公式是fx=(C2-B2)/B2。
然后选中D列,右键选择Format Cells...,Percentage - Decimal Places的值为2,会将D列数据转成百分比了。
4.2 Outlook
4.2.1 邮箱清理
File - Info - Tools - Mailbox Cleanup - AutoArchive
Calendar (Left Bottom) - View (Change View to Calendar) - Choose Menu Month
4.2.2 TCAM filter rule
Home - ... - Rules - Create Rule (Manage Rules & Alerts) - Title
4.2.3 Automatic Replies
File, Info, Automatic Replies
4.2.4 邮件组
Home - New Items - More Items - Contact Group - Add Members - From Outlook Contacts - Save & Close
4.3 Powerpoint画图
插入 - > 形状
Insert - > Shapes
4.4 Word
升级目录
[References][Update Table]
5 Sprax EA
5.1 Install
Windows - Self Service Client - Find Enterprise Architect - Install
5.2 Version Control Settings
Working Copy Path: project path - The project folder includes many xml files.
Subversion Exe Path: \path\to\TortoiseSVN\bin\svn.exe
项目右键 - Package Control - Version Control Settings...
EA opens .qea (64bit EA project) for Version Control Settings.
How to edit specific page?
Right-click the specific folder in GUI, choose Package Control - Check Out...
How to find who locks the editor?
Go to the project folder through Windows Explorer, right-click the specific folder, choose TortoiseSVN - Check for modifications - Check repository, find who has locked the folder.
5.3 Package拷贝粘贴
拷贝一个package,右键选择Copy - Full Structure for Duplication,然后找到要粘贴的上级package,右键Paste - Package from Clipboard。
5.4 Drawing
Design - Toolbox
Lifeline & Message (Message/Argument/Return Value, Is Return)
拷贝到Word文档中的命令:Publish - Save - Save to Clipboard
6 CodeSonar
Windows Settings - Apps - Optional features - Add a feature - Find OpenSSH Client - Install
Microsoft VS code left - Remote Explorer - SSH Targets - +
7 USB
Win7 CMD:
wmic path Win32_PnPSignedDriver | find "Android"
wmic path Win32_PnPSignedDriver | find "USB"
:: similar to Linux lsusb
wmic path Win32_USBControllerDevice get Dependent
8 Abbreviations
CAB: Capacity Approval Board
NPcap: Nmap Packet Capture
wmic: Windows Management Instrumentation Command-line