Windows

Windows Privilege Escalation

Which Version?

ver
systeminfo
more c:\boot.ini
wmic os get osarchitecture

Computer name?

set computername
hostname

wmic logicaldisk get caption,description,providername
net share
wmic share
net use

User Info

set username
whoami
whoami /priv
echo %username%
net users
wmic group
net localgroup
net localgroup administrators
qusers
qwinsta
wmic useraccount

Software Installed

tasklist
tasklist /svc
tasklist /fi “pid eq PID”
tasklist /fi “username eq USERNAME”
qprocess
driverquery /v
assoc
wmic sysdriver
wmic product

Networking

ipconfig /allcompartments /all
getmac
wmic nicconfig get description,IPAddress,MACaddress
route PRINT
netstat -ano
arp -a
nbtstat
wmic nicconfig get macaddress,caption

Firewall

netsh dump
netsh firewall show state
netsh firewall show config
netsh advfirewall firewall show rule name=all
netsh advfirewall export "firewallinfo.txt"
netsh advfirewall show currentprofile

Microsoft Update Catalog

https://www.catalog.update.microsoft.com/

PreviousPrivilege Escalation NextKernel Exploits

Last updated 3 years ago

Which Version?

Computer name?

Share Drives?

User Info

Software Installed

Networking

Firewall

Microsoft Update Catalog