Enumeration
C:\Users\security\Desktop>systeminfo
Host Name: ACCESS
OS Name: Microsoft Windows Server 2008 R2 Standard
OS Version: 6.1.7600 N/A Build 7600
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Server
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 55041-507-9857321-84191
Original Install Date: 8/21/2018, 9:43:10 PM
System Boot Time: 1/31/2025, 7:54:53 PM
System Manufacturer: VMware, Inc.
System Model: VMware Virtual Platform
System Type: x64-based PC
Processor(s): 2 Processor(s) Installed.
[01]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2445 Mhz
[02]: AMD64 Family 25 Model 1 Stepping 1 AuthenticAMD ~2445 Mhz
BIOS Version: Phoenix Technologies LTD 6.00, 11/12/2020
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC) Dublin, Edinburgh, Lisbon, London
Total Physical Memory: 6,143 MB
Available Physical Memory: 5,402 MB
Virtual Memory: Max Size: 12,285 MB
Virtual Memory: Available: 11,510 MB
Virtual Memory: In Use: 775 MB
Page File Location(s): C:\pagefile.sys
Domain: HTB
Logon Server: N/A
Hotfix(s): 110 Hotfix(s) Installed.
[01]: KB981391
[02]: KB981392
[03]: KB977236
[04]: KB981111
[05]: KB977238
[06]: KB977239
[07]: KB981390
[08]: KB2032276
[09]: KB2296011
[10]: KB2305420
[11]: KB2345886
[12]: KB2347290
[13]: KB2378111
[14]: KB2386667
[15]: KB2387149
[16]: KB2393802
[17]: KB2419640
[18]: KB2423089
[19]: KB2425227
[20]: KB2442962
[21]: KB2454826
[22]: KB2467023
[23]: KB2479943
[24]: KB2483614
[25]: KB2484033
[26]: KB2488113
[27]: KB2505438
[28]: KB2506014
[29]: KB2506212
[30]: KB2506928
[31]: KB2509553
[32]: KB2511250
[33]: KB2511455
[34]: KB2522422
[35]: KB2529073
[36]: KB2535512
[37]: KB2544893
[38]: KB2545698
[39]: KB2547666
[40]: KB2552343
[41]: KB2560656
[42]: KB2563227
[43]: KB2564958
[44]: KB2570947
[45]: KB2585542
[46]: KB2598845
[47]: KB2603229
[48]: KB2604114
[49]: KB2607047
[50]: KB2608658
[51]: KB2618451
[52]: KB2620704
[53]: KB2621440
[54]: KB2631813
[55]: KB2640148
[56]: KB2643719
[57]: KB2653956
[58]: KB2654428
[59]: KB2656355
[60]: KB2660075
[61]: KB2667402
[62]: KB2676562
[63]: KB2685811
[64]: KB2685813
[65]: KB2685939
[66]: KB2690533
[67]: KB2698365
[68]: KB2705219
[69]: KB2709630
[70]: KB2712808
[71]: KB2716513
[72]: KB2718704
[73]: KB2719033
[74]: KB2726535
[75]: KB2727528
[76]: KB2729094
[77]: KB2729451
[78]: KB2741355
[79]: KB2742598
[80]: KB2748349
[81]: KB2758857
[82]: KB2761217
[83]: KB2765809
[84]: KB2770660
[85]: KB2789644
[86]: KB2791765
[87]: KB2807986
[88]: KB2813347
[89]: KB2840149
[90]: KB2998812
[91]: KB958488
[92]: KB972270
[93]: KB974431
[94]: KB974571
[95]: KB975467
[96]: KB975560
[97]: KB977074
[98]: KB978542
[99]: KB978601
[100]: KB979099
[101]: KB979309
[102]: KB979482
[103]: KB979538
[104]: KB979687
[105]: KB979688
[106]: KB980408
[107]: KB980846
[108]: KB982018
[109]: KB982132
[110]: KB982799
Network Card(s): 1 NIC(s) Installed.
[01]: Intel(R) PRO/1000 MT Network Connection
Connection Name: Local Area Connection
DHCP Enabled: Yes
DHCP Server: 255.255.255.255
IP address(es)
[01]: 10.10.10.98
[02]: fe80::bdad:c8a:9393:bdf4
We find a .lnk file in Public folder
Its a binary file so opening it gives us some garbled information:
But I see that its running runas (used to run as another user) as Administrator using /savecred which means the credentials are cached. We can confirm that:
Which means we can run runas to run any command as the Administrator.
Last updated