Smash and Grab: Windows Dir Lists

This is a great tip by Room362:

Looking through network shares can be slow, and waiting for individual searches to finish looking through the whole “drive” is redundant. Easier to just use some Windows voodoo to get a good list to look through offline:

start /b cmd /c dir /b /s \\doesnotexist\supersecretshare$ ^> shareinfo.txt

Breaking that down:

start /b – starts a process that won’t hang up our current one, with the “b” flag meaning “background”, yay not visible to the user! (unless your process forces it back)

cmd /c – no reason to explain this one, it runs something (since dir isn’t an executable but something that resides inside of cmd, this is needed).

dir /b /s – the “s” means subdirectories and is pretty widely known. The one that isn’t as well known is the “b”, which means “bare” format. Also known as “puts-path-on-every-line-to-make-it-easy-to-find-and-grep-stuff” mode.

The path is arbitrary, if you didn’t know you could dir list a UNC path, now ya do.

The ^> is the cool trick. If you use “start” to create a process in the background, re-routing its output to a file instead of just getting the fact that start began (the only thing start outputs) is made possible by this lowly ‘caret’ before the greater-than.
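For defenders, the same breakdown doubles as a hunting signature. The sketch below is an added example, not part of the original tip or Room362's code: it flags recursive dir listings of UNC paths in process-creation command lines, assuming command-line logging is enabled (for example Sysmon Event ID 1 or Security 4688). Because the parent cmd consumes the caret, the child's logged command line normally carries a plain `>`, so both forms are handled. All hosts, shares and paths are constructed.

```python
import re

# Constructed process-creation command lines; hosts, shares and paths are made up.
SAMPLES = [
    r'cmd  /c dir /b /s \\fs01\finance$ > shareinfo.txt',
    r'cmd.exe /c "start /b cmd /c dir /S/B \\fs01\hr$ ^> C:\Temp\hr.txt"',
    r'cmd /c dir /s /b C:\Users\Public > local.txt',   # local path only
    r'cmd /c dir \\fs01\public',                       # not recursive
    r'cmd /c rmdir /s /q \\fs01\scratch\tmp',          # "dir" inside another command
]

DIR_CMD = re.compile(r'(?i)(?:^|[\s&|("])dir(?=[\s/]|$)')
SWITCH = re.compile(r'/([A-Za-z])')
UNC = re.compile(r'\\\\[^\\\s"]+\\[^\\\s"]+')
REDIRECT = re.compile(r'\^?>>?\s*"?([^\s"]+)')


def analyze(cmdline):
    """Return a finding for a recursive dir listing of a UNC path, else None."""
    m = DIR_CMD.search(cmdline)
    if not m:
        return None
    tail = cmdline[m.end():]
    redirect = REDIRECT.search(tail)
    # Only look at dir's own arguments, so a UNC output file does not count.
    args = tail[:redirect.start()] if redirect else tail
    unc = UNC.search(args)
    if not unc:
        return None
    switches = {s.lower() for s in SWITCH.findall(UNC.sub(" ", args))}
    if "s" not in switches:
        return None
    return {
        "share": unc.group(0),
        "bare": "b" in switches,
        "outfile": redirect.group(1) if redirect else None,
        "escaped_redirect": bool(redirect) and redirect.group(0).startswith("^"),
    }


def hunt(cmdlines):
    """Pair each flagged command line with its finding."""
    return [(c, f) for c in cmdlines if (f := analyze(c))]


if __name__ == "__main__":
    for cmdline, finding in hunt(SAMPLES):
        print(finding, "<=", cmdline)
```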