Hack$Notes
Windows Privilege Escalation
Which Version?
ver
systeminfo
more c:\boot.ini
wmic os get osarchitecture
Computer name?
set computername
hostname
Share Drives?
wmic logicaldisk get caption,description,providername
net share
wmic share
net use
User Info
set username
whoami
whoami /priv
echo %username%
net users
wmic group
net localgroup
net localgroup administrators
quser
qwinsta
wmic useraccount
Software Installed
tasklist
tasklist /svc
tasklist /fi "pid eq PID"
tasklist /fi "username eq USERNAME"
qprocess
driverquery /v
assoc
wmic sysdriver
wmic product
Networking
ipconfig /allcompartments /all
getmac
wmic nicconfig get description,IPAddress,MACaddress
route PRINT
netstat -ano
arp -a
nbtstat
wmic nicconfig get macaddress,caption
Firewall
netsh dump
netsh firewall show state
netsh firewall show config
netsh advfirewall firewall show rule name=all
netsh advfirewall export "firewallinfo.txt"
netsh advfirewall show currentprofile
Microsoft Update Catalog
https://www.catalog.update.microsoft.com/