A Cmd/Windows/Powershell Rosetta

Here’s a copy of some Onenote notes I  made about 4 years ago when I was a Linux user desperately trying to learn Windows (and this was before WSL). Back in my day we were forced to use Cygwin or MinGW! There are some other similar guides out there. Hopefully this helps someone! I’ve done some light editing, but this is mostly my notes in raw form.

A powershell survival guide:



Powershell Linux/Unix Windows CMD PS Alias
get-acl whoami whoami whoami
get-alias aliases   gal
clear-host clear cls clear
get-volume df    


fdisk chkdisk  
enter-pssession ssh   etsn
Get-ChildItem ls dir ls, dir
Remove-Item rm del rm, del


ps tasklist ps
Get-Location pwd   pwd
Move-Item mv move mv
Stop-Process kill taskkill kill
Get-History h [f7] h,history
Set-Location cd cd cd
Get-Content cat type cat,gc,type
Copy-item cp copy cp
Tee-Object tee   tee
New-Item -type file touch   ni
Get-ChildItem Env:/gci Env: env set env (sometimes)
Get-Help man help man, help
Select-String grep findstr sls
  logout shutdown /l


Get-ChildItem find where gci
Sort-Object sort   sort
Get-Content -totalcount

Select-Object -first

head   gc


Get-Service update-rc.d/chkconfig sc config gsv
start-service service start /etc/init.d/<service>start net start/sc start sasv
get-content <file> -tail <n>

select -last <x>

tail -n <x>   gc
Get-Service service –status-all/   Gsv
Get-Netipaddress/New-NetIpAddress Ifconfig ipconfig  
Get-NetAdapaterStatistics ifconfig    
adduser   net user  
Get-Command which, alias <command> where gcm
Test-NetConnection ping ping  
Test-NetConnection -Traceroute traceroute tracert  
Test-Netconnection -Port tcping    
Test-Connection ping ping  


dumpbin /dependents “file.exe”

(dumpbin comes with visual studio)

foreach {“{0}” -f ($_ -split ‘\s+’)} or

foreach {($_ -split ‘\s+’)[0]}

awk ‘{ print $1}’    

measure-object -line

wc -l   measure
measure-command time    


shutdown -h now shutdown /s /t 0  


set-alias alias command=   sal
get-culture locale    


  dd if=/dev/random of=/temp/file size=1gb  fsutil file createnew 1gbtest (1gb)  
write-eventlog logger eventcreate  
Rename-computer newhostname hostname  new-hostname    
Add-Computer -DomainName ADDOMAIN Joindomain-cli ADDOMAIN adminuser (using powerbroker) otherwise…winbind    
Test-ComputerSecureChannel -credential domain\admin -Repair      
New-netfirewallrule iptables    


$wmi = Get-WmiObject -Class Win32_OperatingSystem;$wmi.ConvertToDateTime($wmi.LocalDateTime) – $wmi.ConvertToDateTime($wmi.LastBootUpTime)




Process Magic

Get a process with a listening port:

netstat -aon|sls LISTENING|sls  port

Use WMI to get a procid

get-wmiobject win32_process -filter "ProcessID like '1234'"

Use WMI to get a process with owners

Get-WMIObject Win32_Process -filter 'name="explorer.exe"' -computername 'localhost' | ForEach-Object { $owner = $_.GetOwner(); '{0}\{1}' -f $owner.Domain, $owner.User } | Sort-Object | Get-Unique

Use WMI to get something similar to ps auxww

Get-WmiObject Win32_Process -Filter "Name like '%java%'" | select-Object ProcessId,CommandLine|format-list

qwista, query session


Powershell Commands are in Verb-Noun form. You can search for them:

get-command (list of commands)

get-command -Verb Get (your verb choice)

get-command -Noun String (your noun choice)

Get-Help man (man works)


Get detailed info about a drive

Fsutil fsinfo ntfsinfo c:

GUI: Computer Management

# Like du -s

gci . | %{$f=$_; gci -r $_.FullName| measure-object -property length -sum | select @{Name=”Name”; Expression={$f}} , @{Name=”Sum (MB)”; Expression={ “{0:N3}” -f ($_.sum / 1MB) }}, Sum } | sort Sum -desc | format-table -Property Name,”Sum (MB)”, Sum -autosize


Command similar to Linux find:

# This will find mp* files

Get-ChildItem “file_location” -Recurse -Include “*.mp*”,”*.m4*” | foreach-object {$_.Fullname}

Remote session in windows (like ssh)

ssh enter-pssession ComputerName –credential UserName,

Needs port 5985 open

# Open up firewall on the server

netsh firewall add portopening TCP 5985 “Winrm 2.0 port 5985″

or the new way

netsh advfirewall firewall add rule name=”Winrm 2.0 Port 5985″ dir=in action=allow protocol=TCP localport=5985

# Trusting the remote host

winrm set winrm/config/client @{TrustedHosts=”RemoteComputerName”}

Making a profile (equiv edit .profile):

New-Item -path $profile -type file -force

Pipe things:

get-command | select-string -pattern “Start”

Select-String vs Where-Object

Frequently, output of commands is formatted in object columns. Select-string won’t grok it, but where-object (where) will. You’ll just need to specify the object name:

get-service|where {$_.DisplayName -like “*Apache*”}

Additional Info on using “Where-Object” to pass multiple conditions


dir E:\temp | Where-Object { $_.PSIsContainer -and $_.Name -like ‘t*’ }


#You will often need to add parentheses to group expressions on either side of the -and and -or operators

Get some vim

Vim doesn’t really work remotely, nor does any editor.

You can do some fun pipe tricks to download the file, and reupload it, but your best bet is probably just to go into file explorer, and edit the file that way.



Command Shell Overview

Windows Command Line Reference

Powershell Cheatsheet



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s