It happens a lot; it’s the Achilles’ heel of most pentesters and wannabes.
So you are a 1337 h4xx0r and you have just fired Metasploit against a vulnerable Windows box, eh? It worked! Cooooool… you type whoami and it turns out you have SYSTEM privileges… The cmd.exe prompt stays in front of you, blinking…
And now WHAT?! Well, you aren’t always gonna have the meterpreter by your side.
This is meant to be a short list of useful Windows command-line snippets (yes, Windows has a command line too!).
Think of it as just a quick reference; I will update it with kick-ass wmic commands later…
Some good old net commands
net user carlos hacking123 /add
adds a user to the system
groups on this machine? do you find anything interesting?
net localgroup "Remote Desktop Users" carlos /add
I can RDP now
minimum pass length, lockouts, this stuff
net config [server | workstation]
list Windows shares
mount Windows shares!
net statistics [server | workstation]
net help ;)
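
Seen from the defender's side, the two /add lines above (net user and net localgroup) are exactly what process-creation logs should alert on. The following is an added example, not part of the original post: a small classifier for command lines as they appear in Security Event ID 4688 or Sysmon Event ID 1, assuming command-line logging is enabled. The function names, rule names and sample lines are constructed for illustration.

```python
import re

# net.exe hands most verbs to net1.exe, so both image names are matched.
NET_IMAGE = re.compile(r'(?:^|[\\/])net1?(?:\.exe)?$', re.IGNORECASE)
# Local groups whose membership grants administrative or remote interactive access.
WATCHED_GROUPS = {"administrators", "remote desktop users"}

def tokens(cmdline):
    """Split a Windows command line on whitespace, keeping "quoted strings" whole."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]

def classify(cmdline):
    """Return (rule, detail) for account-changing net commands, else None."""
    argv = tokens(cmdline)
    if len(argv) < 2 or not NET_IMAGE.search(argv[0]):
        return None
    verb = argv[1].lower()
    switches = {a.lower() for a in argv[2:] if a.startswith("/")}
    operands = [a for a in argv[2:] if not a.startswith("/")]
    if "/add" not in switches or not operands:
        return None  # read-only verbs (config, statistics, help) end up here
    if verb in ("user", "users"):
        # operands[1], if present, is the password: never copy it into an alert
        return ("local_account_created", operands[0])
    if verb == "localgroup" and len(operands) >= 2:
        group = operands[0]
        watched = group.lower() in WATCHED_GROUPS
        rule = "watched_group_member_added" if watched else "group_member_added"
        return (rule, f"{operands[1]} -> {group}")
    return None

# Constructed sample of process-creation command lines (not real log data).
SAMPLE = [
    r'net user carlos hacking123 /add',
    r'C:\Windows\System32\net1.exe localgroup "Remote Desktop Users" carlos /add',
    r'net config workstation',
    r'"C:\Windows\system32\net.exe" LOCALGROUP Administrators carlos /ADD',
    r'net statistics server',
]

def scan(lines):
    """Return (line, finding) pairs for every line that matches a rule."""
    return [(line, hit) for line in lines if (hit := classify(line))]

if __name__ == "__main__":
    for line, (rule, detail) in scan(SAMPLE):
        print(f"{rule:28} {detail}")
```

Command-line matching is best paired with the account-management events Windows writes regardless of which tool made the change: 4720 (user account created) and 4732 (member added to a security-enabled local group).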