Enumeration for Windows Privilege Escalation
Basic Enumeration
- Username and hostname
whoami
- Group memberships of the current user
whoami /groups
- Existing users and groups
Get-LocalUser
Get-LocalGroup
Get-LocalGroupMember Administrators
- Operating system, version and architecture
systeminfo
- Network information
ipconfig /all
route print
netstat -ano
- Installed applications
Get-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname
Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" | select displayname
- Get running processes
Get-Process
Get-Process | Select-Object ProcessName, Path -Unique | Format-List
Find Juicy Files
Get-ChildItem -Path C:\ -Include *.kdbx -File -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path C:\xampp -Include *.txt,*.ini -File -Recurse -ErrorAction SilentlyContinue
Get-ChildItem -Path C:\Users\dave\ -Include *.txt,*.pdf,*.xls,*.xlsx,*.doc,*.docx -File -Recurse -ErrorAction SilentlyContinue
This post is licensed under CC BY 4.0 by the author.