Enumeration for Windows Privilege Escalation

Basic Enumeration

  1. Username and hostname

     whoami

  2. Group memberships of the current user

     whoami /groups

  3. Existing users and groups

     Get-LocalUser
     Get-LocalGroup
     Get-LocalGroupMember Administrators

  4. Operating system, version and architecture

     systeminfo

  5. Network information

     ipconfig /all
     route print
     netstat -ano

  6. Installed applications

     Get-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname
     Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname

  7. Running processes

     Get-Process
     Get-Process | Select-Object ProcessName, Path -Unique | Format-List
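The steps above can be collected in one pass so the result can be saved and compared against a known-good baseline of the same host. The following function is an added example, not code from the original post: it gathers the same information (identity and token groups, local users and group members, OS version, addresses and listening ports, both Uninstall hives, and running processes), flags local administrators other than the built-in RID 500 account for review, and optionally writes a JSON copy. The function name and the `-OutFile` parameter are assumptions; the cmdlets are the LocalAccounts and NetTCPIP modules that ship with Windows 8.1 / Server 2012 R2 and later.

```powershell
# Added example, not part of the original post: one-pass host enumeration
# returning a single object that can be saved and diffed against a baseline.
function Get-HostEnumerationReport {
    [CmdletBinding()]
    param(
        # Optional path for a JSON copy of the report (hypothetical parameter)
        [string]$OutFile
    )

    $identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $os       = Get-CimInstance -ClassName Win32_OperatingSystem

    # Both Uninstall hives: Wow6432Node lists 32-bit apps on 64-bit Windows
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    $apps = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallLocation |
        Sort-Object DisplayName -Unique

    # Path is $null for processes the current token cannot open (other users'
    # or elevated processes); a missing Path is itself worth noting.
    $procs = Get-Process |
        Select-Object ProcessName, Path -Unique |
        Sort-Object ProcessName

    # Listening TCP ports joined to the owning process name (like netstat -ano)
    $listeners = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
        ForEach-Object {
            $owner = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                Pid          = $_.OwningProcess
                Process      = if ($owner) { $owner.ProcessName } else { '<not accessible>' }
            }
        }

    # Members of Administrators; anything other than the built-in account
    # (SID ending in -500) is listed separately for review.
    $admins = @()
    try {
        $admins = Get-LocalGroupMember -Group 'Administrators' -ErrorAction Stop |
            Select-Object Name, ObjectClass, PrincipalSource, SID
    } catch {
        Write-Warning "Could not enumerate Administrators: $_"
    }
    $reviewAdmins = $admins | Where-Object { $_.SID.Value -notlike '*-500' }

    $report = [pscustomobject]@{
        CollectedAt    = (Get-Date).ToString('o')
        User           = $identity.Name
        Hostname       = $env:COMPUTERNAME
        # Same data as 'whoami /groups', parsed from its CSV output
        TokenGroups    = (whoami /groups /fo csv | ConvertFrom-Csv) |
                             Select-Object 'Group Name', SID
        LocalUsers     = Get-LocalUser | Select-Object Name, Enabled, LastLogon
        LocalGroups    = Get-LocalGroup | Select-Object Name
        Administrators = $admins
        ReviewAdmins   = $reviewAdmins
        OS             = $os | Select-Object Caption, Version, OSArchitecture, LastBootUpTime
        IPAddresses    = Get-NetIPAddress -AddressFamily IPv4 |
                             Select-Object InterfaceAlias, IPAddress, PrefixLength
        Listeners      = $listeners
        InstalledApps  = $apps
        Processes      = $procs
    }

    if ($OutFile) {
        $report | ConvertTo-Json -Depth 5 | Set-Content -Path $OutFile -Encoding UTF8
    }
    return $report
}

# Usage:
#   $r = Get-HostEnumerationReport -OutFile "$env:TEMP\host-enum.json"
#   $r.ReviewAdmins | Format-Table
#   $r.Listeners    | Format-Table
```

Saving the JSON from a freshly built machine and diffing later reports against it turns this from a one-off listing into a drift check: a new member of Administrators, a new listener, or a new application in either Uninstall hive shows up as a difference rather than something to spot by eye.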

Find Juicy Files

     Get-ChildItem -Path C:\ -Include *.kdbx -File -Recurse -ErrorAction SilentlyContinue
     Get-ChildItem -Path C:\xampp -Include *.txt,*.ini -File -Recurse -ErrorAction SilentlyContinue
     Get-ChildItem -Path C:\Users\dave\ -Include *.txt,*.pdf,*.xls,*.xlsx,*.doc,*.docx -File -Recurse -ErrorAction SilentlyContinue
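The searches above show which files exist; the question for whoever owns the machine is who else can read them. The function below is an added example, not code from the original post: it runs the same `Get-ChildItem` search over a root and, for each hit, reads the ACL and reports files that any principal other than the owner, SYSTEM or the local Administrators group is allowed to read. It also checks for GENERIC_READ on ACEs written with generic rights, which a plain `ReadData` test would miss. The function name, the default `$Root`, `$Include` list and `$TrustedPrincipals` set are assumptions.

```powershell
# Added example, not part of the original post: find credential-bearing
# file types and report over-permissive read access on them.
function Find-SensitiveFileExposure {
    [CmdletBinding()]
    param(
        [string]   $Root = 'C:\Users',
        [string[]] $Include = @('*.kdbx','*.txt','*.ini','*.pdf','*.xls','*.xlsx','*.doc','*.docx'),
        # Principals whose read access is expected (hypothetical default set)
        [string[]] $TrustedPrincipals = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')
    )

    # ReadData (0x1) covers explicit read ACEs; GENERIC_READ (0x80000000) appears
    # on ACEs written with generic rights and would otherwise be missed.
    $readData    = [int][System.Security.AccessControl.FileSystemRights]::ReadData
    $genericRead = [int]0x80000000   # the hex literal is already Int32 (-2147483648)

    Get-ChildItem -Path $Root -Include $Include -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            try {
                $acl = Get-Acl -Path $file.FullName -ErrorAction Stop
            } catch {
                return   # cannot read the ACL itself: nothing to report here
            }

            $otherReaders = $acl.Access |
                Where-Object {
                    $rights = [int]$_.FileSystemRights
                    $_.AccessControlType -eq 'Allow' -and
                    (($rights -band $readData) -ne 0 -or ($rights -band $genericRead) -ne 0)
                } |
                ForEach-Object { $_.IdentityReference.Value } |
                Where-Object { $_ -notin $TrustedPrincipals -and $_ -ne $acl.Owner } |
                Sort-Object -Unique

            if ($otherReaders) {
                [pscustomobject]@{
                    Path         = $file.FullName
                    Owner        = $acl.Owner
                    OtherReaders = $otherReaders -join ', '
                    # Inherited ACEs mean the fix belongs on the parent folder
                    Inherited    = ($acl.Access | Where-Object IsInherited).Count -gt 0
                    SizeKB       = [math]::Round($file.Length / 1KB, 1)
                }
            }
        }
}

# Usage: Find-SensitiveFileExposure -Root 'C:\Users\dave' | Format-Table -AutoSize
```

The `Inherited` column matters when acting on the output: a file that shows `BUILTIN\Users` as a reader through an inherited ACE is fixed by tightening the parent directory, not the file, otherwise the next file saved there has the same exposure.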
This post is licensed under CC BY 4.0 by the author.