hostname
systeminfosysteminfo | findstr /B /C:"OS Name" /C:"OS Version"
echo %PROCESSOR_ARCHITECTURE%
DRIVERQUERY
wmic logicaldisk get caption,description,providername
type C:\windowssystem32driversetchosts
type C:\windowssystem32inetsrvconfigapplicationHost.configwmic product get name,version
tasklist /svcwmic process list brief
wmic /Node:localhost /Namespace:\rootSecurityCenter2 Path AntiVirusProduct Get displayName /Format:List
wmic startup get command,caption
net start
wmic service list brief
sc query
schtasks /query /fo LIST /v
net statistics workstation
query user || qwinstaquery session
在域内,本地普通用户无法查阅域内信息,域内用户可以直接查阅 而本地管理员可以提升权限为system,域中机器有个机器用户$,机器的本地system用户对应域内的机器用户,所以可以查阅域内信息
whoamiwhoami /all
net user
net localgroup
net localgroup administrators
ipconfig /allroute printarp -A
net sharewmic share get name,path,status
netstat -anonetstat -anob #查看对应的程序,需要权限
REG QUERY "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings"
本文始发于微信公众号(XG小刚):信息搜集-本机信息
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论