Enumerating Windows Information
After you have gained access to a box, the first thing you want to do as a pen tester is obtain as much information about the machine and the network it sits on as possible. Here is a list of commands that enumerate host and network information from a Windows machine. All of them are typed into a cmd.exe prompt and apply to Windows XP/Vista/7 unless stated otherwise.

Operating system details
> ver
> systeminfo

Who you are logged in as
> set username

Which domain or workgroup the machine is part of
> set userdomain

What the machine is called
> set computername

Current user, SID and group memberships (Vista/7; whoami is not installed by default on XP)
> whoami

List local groups on the system
> net localgroup

List local user accounts on the machine
> net user

List members of the local Administrators group
> net localgroup administrators

View all logical drives on the system, including mapped network shares and the server that provides them
> wmic logicaldisk get caption,description,providername

List listening ports and active connections together with the PID of the owning process (note that this shows ports, not service names; match the PID against tasklist to get the process)
> netstat -nao

See which
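The commands above are usually run one at a time and eyeballed. The script below is an added example, not part of the original post, that wraps the same enumeration in a single PowerShell run and adds the two correlations a tester normally does by hand: whether the current account (directly or through one of its groups) is in the local Administrators group, and which process owns each listening port reported by netstat -nao. It assumes PowerShell 2.0 or later (built in on Windows 7); the output path and the Section helper are arbitrary choices for this example.

```powershell
# Added example (not from the original post): one-shot host enumeration that
# wraps the cmd.exe commands from the cheat sheet and post-processes two of them.
# Assumes PowerShell 2.0+ on Vista/7. Output path is an arbitrary choice.
$out = "$env:TEMP\enum.txt"
if (Test-Path $out) { Remove-Item $out }

# Helper (hypothetical name): write a titled block of output to the report file.
function Section($title, $body) {
    "`n===== $title =====" | Out-File $out -Append
    $body | Out-File $out -Append
}

# Operating system details
Section "ver"        (cmd /c ver)
Section "systeminfo" (systeminfo)

# Identity: user, domain/workgroup, computer name. whoami is built in on
# Vista/7 but may be missing on XP, so its error (if any) is captured as text.
Section "identity" @(
    "USERNAME=$env:USERNAME",
    "USERDOMAIN=$env:USERDOMAIN",
    "COMPUTERNAME=$env:COMPUTERNAME",
    "whoami: $(whoami 2>&1)"
)

# Local users and groups
Section "net user"       (net user)
Section "net localgroup" (net localgroup)
$admins = net localgroup administrators
Section "net localgroup administrators" $admins

# Is the current account a local admin? 'net localgroup' prints the members
# between the dashed rule and "The command completed successfully.", so keep
# only those lines, then compare against the user name and its group names.
$members = $admins | Where-Object {
    $_ -and $_ -notmatch '^-+$' -and $_ -notmatch '^(Alias name|Comment|Members|The command)'
}
$groups = whoami /groups /fo csv 2>$null | ConvertFrom-Csv | ForEach-Object { $_.'Group Name' }
$via = $members | Where-Object {
    $_ -eq $env:USERNAME -or $_ -eq "$env:USERDOMAIN\$env:USERNAME" -or $groups -contains $_
}
$verdict = if ($via) { "yes (via: $($via -join ', '))" } else { "no" }
Section "current user is local admin?" $verdict

# Logical drives, including mapped network shares and their provider
Section "wmic logicaldisk" (wmic logicaldisk get caption,description,providername)

# Listening TCP ports: netstat -nao gives the PID; resolve it to a process name
# so the report shows what is actually bound to each port.
$listen = netstat -nao | ForEach-Object {
    if ($_ -match '\sLISTENING\s+(\d+)\s*$') {
        $owner = [int]$matches[1]
        $proc  = Get-Process -Id $owner -ErrorAction SilentlyContinue
        $name  = if ($proc) { $proc.ProcessName } else { "?" }
        "{0}  ->  {1}" -f $_.Trim(), $name
    }
}
Section "listening ports (netstat -nao, PID -> process)" $listen

Write-Host "Enumeration written to $out"
```

Run it from a PowerShell prompt on the target and read the report in one go; the "current user is local admin?" line answers the question you would otherwise piece together from `whoami` and `net localgroup administrators`, and the port listing tells you what software to look at next without a second pass through tasklist.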