Manual Windows Enumeartion
Performing enumeration for the privilege escalation using native windows features and commands.
Quick Checks
We can use below command to get quick idea about the env, arch and privileges of the user. This could give you quick wins sometime.
- System information
systeminfo
wmic os get Caption,CDSVersion,OSArchitecture,Version
- User Info and privileges
whoami
whoami /priv
- Check for Users and Admins
net user
net users
net localgroup
net localgroup administrators
- network info
netstat -anoy
route print
arp -A
ipconfig /all
- Look for interesting file permissions
#insecure file permissions
icacls "C:\Program Files\" /T | findstr "(F)"
#Sensitive files
findstr /si password *.xml *.ini *.txt
- Check for tasks running
tasklist
tasklist /v