System Enumeration

This post covers some useful enumeration commands for post compromise system enumeration

Systeminfo

C:\Users\Administrator>systeminfo

Host Name: SERVER2019
OS Name: Microsoft Windows Server 2019 Standard
OS Version: 10.0.17763 N/A Build 17763
OS Manufacturer: Microsoft Corporation
OS Configuration: Primary Domain Controller
OS Build Type: Multiprocessor Free
Registered Owner: Windows User
Registered Organization:
Product ID: 00429-70000-00000-AA942
Original Install Date: 12/13/2020, 12:14:07 PM
System Boot Time: 10/13/2021, 5:44:26 PM
System Manufacturer: VMware, Inc.
System Model: VMware7,1
System Type: x64-based PC
Processor(s): 2 Processor(s) Installed.
[01]: Intel64 Family 6 Model 158 Stepping 10 GenuineIntel ~2904 Mhz
[02]: Intel64 Family 6 Model 158 Stepping 10 GenuineIntel ~2904 Mhz
BIOS Version: VMware, Inc. VMW71.00V.16722896.B64.2008100651, 8/10/2020
Windows Directory: C:\Windows
System Directory: C:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC+10:00) Brisbane
Total Physical Memory: 8,191 MB
Available Physical Memory: 6,656 MB
Virtual Memory: Max Size: 9,471 MB
Virtual Memory: Available: 7,759 MB
Virtual Memory: In Use: 1,712 MB
Page File Location(s): C:\pagefile.sys
Domain: pwnme.local
Logon Server: N/A
Hotfix(s): 5 Hotfix(s) Installed.
[01]: KB4552930
[02]: KB4486153
[03]: KB4561600
[04]: KB4562562
[05]: KB4567513
Network Card(s): 1 NIC(s) Installed.
[01]: Intel(R) 82574L Gigabit Network Connection
Connection Name: Ethernet0
DHCP Enabled: No
IP address(es)
[01]: 192.168.1.50
[02]: fe80::91a:eedb:46a6:1919
Hyper-V Requirements: A hypervisor has been detected. Features required for Hyper-V will not be displayed.
C:\Users\Administrator>systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Type"
OS Name: Microsoft Windows Server 2019 Standard
OS Version: 10.0.17763 N/A Build 17763
System Type: x64-based PC

Windows Management Instrumentation, Quick Fix Engineering. Installed Hotfixes.

C:\Users\Administrator>wmic qfe
Caption CSName Description FixComments HotFixID InstallDate InstalledBy InstalledOn Name ServicePackInEffect Status
http://support.microsoft.com/?kbid=4552930 SERVER2019 Update KB4552930 12/13/2020
http://support.microsoft.com/?kbid=4486153 SERVER2019 Update KB4486153 12/13/2020
http://support.microsoft.com/?kbid=4561600 SERVER2019 Security Update KB4561600 12/13/2020
http://support.microsoft.com/?kbid=4562562 SERVER2019 Security Update KB4562562 12/13/2020
http://support.microsoft.com/?kbid=4567513 SERVER2019 Update KB4567513 12/13/2020
C:\Users\Administrator>wmic qfe get Caption,Description,HotFixID,InstalledOn
Caption Description HotFixID InstalledOn
http://support.microsoft.com/?kbid=4552930 Update KB4552930 12/13/2020
http://support.microsoft.com/?kbid=4486153 Update KB4486153 12/13/2020
http://support.microsoft.com/?kbid=4561600 Security Update KB4561600 12/13/2020
http://support.microsoft.com/?kbid=4562562 Security Update KB4562562 12/13/2020
http://support.microsoft.com/?kbid=4567513 Update KB4567513 12/13/2020

Get Logical Disks

C:\Users\Administrator>wmic logicaldisk get caption,description,providername
Caption Description ProviderName
A: 3 1/2 Inch Floppy Drive
C: Local Fixed Disk
D: CD-ROM Disc