Recon - Initial Access
Who we are
whoami /fqdn
whoami /upn
whoami
What privileges do we have and which groups do we belong to
whoami /priv
whoami /groups
whoami /all
Systeminfo
systeminfo
hostname
Hotfix and KB information
wmic qfe get Caption,Description,HotFixID,InstalledOn
Antivirus Status
Get-MpComputerStatus
Which users/localgroups are on the machine
net users
net localgroup
net localgroup Administrators
net user morph3
Cross-check local and domain groups too
net user morph3 /domain
net users /domain
net group "Domain Admins" /domain
Network information
ipconfig /all
route print
arp -a
# Network connections
netstat -ano
Network shares
net view
Logged on users (Get-NetLoggedon is a PowerView function, not a built-in cmdlet)
Get-NetLoggedon -ComputerName client251
File - Directory enumerations
Recursive string scan
findstr /spin "password" *.*
List all files recursively
dir /a-D /S /B
Search for writable files (no read-only attribute; directories excluded)
dir /a-r-d /s /b
Running processes
tasklist /SVC
Service related things
Check our permissions on the service vulnsvc
accesschk.exe /accepteula -uwcqv morph3 vulnsvc
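Detection view of the commands above, as an added example that is not part of the original cheat sheet: it flags a host/user pair that runs several distinct enumeration categories within a short window. It assumes process-creation events (for example Windows Security event 4688 with command-line logging, or Sysmon event 1) already parsed into tuples; the category names, window, threshold and sample events are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Categories for the enumeration commands listed on this page.
RECON_PATTERNS = {
    "whoami": re.compile(r"\bwhoami\b", re.I),
    "systeminfo": re.compile(r"\bsysteminfo\b", re.I),
    "net": re.compile(r"\bnet1?(\.exe)?\s+(users?|localgroup|group|view)\b", re.I),
    "wmic_qfe": re.compile(r"\bwmic(\.exe)?\s+qfe\b", re.I),
    "network": re.compile(r"\b(ipconfig|netstat|arp)\b|\broute(\.exe)?\s+print\b", re.I),
    "tasklist": re.compile(r"\btasklist\b", re.I),
    "accesschk": re.compile(r"\baccesschk", re.I),
    "findstr_password": re.compile(r"\bfindstr\b.*password", re.I),
}
WINDOW = timedelta(minutes=5)  # assumption: tune per environment
THRESHOLD = 4                  # distinct categories needed to alert (assumption)

def classify(cmdline):
    """Return the recon categories a command line matches."""
    return {name for name, rx in RECON_PATTERNS.items() if rx.search(cmdline)}

def detect_bursts(events):
    """events: (iso_time, host, user, cmdline) tuples from process-creation logs."""
    hits = defaultdict(list)
    for ts, host, user, cmd in events:
        for label in classify(cmd):
            hits[(host, user)].append((datetime.fromisoformat(ts), label))
    alerts = []
    for actor, seen in hits.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            labels = {l for t, l in seen[i:] if t - start <= WINDOW}
            if len(labels) >= THRESHOLD:
                alerts.append((actor, start.isoformat(), sorted(labels)))
                break  # one alert per host/user pair
    return alerts

# Constructed sample events (not real telemetry); "helpdesk" is a made-up account.
SAMPLE_EVENTS = [
    ("2024-01-01T09:00:00", "client251", "helpdesk", "ipconfig /all"),
    ("2024-01-01T09:30:00", "client251", "helpdesk", "whoami"),
    ("2024-01-01T10:00:00", "client251", "morph3", "whoami /all"),
    ("2024-01-01T10:00:40", "client251", "morph3", "systeminfo"),
    ("2024-01-01T10:01:10", "client251", "morph3", 'net group "Domain Admins" /domain'),
    ("2024-01-01T10:02:05", "client251", "morph3", "netstat -ano"),
    ("2024-01-01T10:03:30", "client251", "morph3", "tasklist /SVC"),
]
```

Single, widely spaced commands such as the helpdesk lines stay below the threshold; only the dense burst is reported.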