4.4 Windows System Part 1

00:00

Hello and welcome to command line basics. In this video, we're gonna learn about Windows System commands one. I'm Christopher Heller, and this begin,

00:09

we're learning objectives for this video. We're gonna learn these system in full command. Learned the date and the time commands, understand the who am I command very similar to the Lennox. Who am I and get the command history

00:22

pre assessment Which command will display the current computer name? Is it a Who am I?

00:28

Be system.

00:30

See, check disc.

00:32

Where D system info.

00:35

The answer is D system info. We're looking for this system information in order to see the computer name off the system we're on. So this is a very useful tool that we're gonna learn a little more about to get a bunch of diagnostic or specific information for a computer system.

00:51

But who am I? Command is used to see what user account you're using. The system is not a real command, and the Czech disc is used to prepare a file system.

01:03

All right, so the system in full command, as we learned this will display a lot of information about the current computer to include the computer named the past level also show the specific CPU and GPU for the machine as well.

01:17

Additionally, we'll see what type of domain it is a part of, or if it has a specific work group that it's a part of the bias information and the last boot time. So what's very useful, but the system infocomm in is that if you are able to compromise a Windows machine as a penetration tester

01:36

and you need to find any more vulnerabilities for a system, you can use the system info, and it will display all of the patch level computer name colonel information that you can use to help verify or identify new exploits for a system.

01:53

So this could be very useful from the penetration tester might set.

01:59

Let's give you a quick demonstration. I'm gonna tape system info at my command, prompt.

02:05

It'll take a few seconds to gather all this information,

02:09

all right. And as we saw, there was a whole lot at once. So I'm gonna do the up arrow and we're gonna pipe this into more. That way we could take our time reading through.

02:22

Alright, here we go. So as we could see a top it has my computer name. We see that I'm on Microsoft Windows 10 home and I'm on 10.0 dot 17 76 3 so this is very useful information. We can see the original install date. It was February 5th 2019

02:40

and the last boot in my computer on September 11th.

02:44

So it's a lot of very useful information that we can use in order. Thio help identify either system information for a system administrator. Perspective to help validate or fix a computer were to help compromise a computer from the penetration tester as well.

03:02

All right, so dating time. The date and the time commands are used to either see the specific date and time on the computer. Or we can also change the date or the time from the command line as well.

03:15

And this is useful to keep in mind for ah Kerberos environment that Windows is a part of where if a system clock is more than five minutes off from the curb Rose *** for the domain, then you'll have a lot of very strange and uh,

03:32

issues with the system communicating over the domain.

03:37

So this could be a useful commander validate that a computer is within that specific time window for kerb Rose environment.

03:45

So let's start off with deep.

03:47

And as we could see, we today is Sunday September 15th 2019. And I do not want to enter a new date because I do want to keep the date the same. So I'm just gonna hit enter and it'll ignore it.

03:59

And we do the same with the time commit.

04:01

The current time is 11 50 49 seconds, and I do not want to enter a new time, so I'm gonna hit enter.

04:11

We have the who am I command. And this is very, very similar to Lennox one where it displays the logged in user

04:16

and at the Windows Command prompt will show your domain as well. And if you're not part of a domain and it'll just show your local computer name as Thea domain that you're a part of,

04:29

So we will take a look at this. I'm gonna type Who am I?

04:33

It looks like I am Chris laptop Chris, and that is my user account. So that sounds just about right.

04:41

So this is a useful command if you uh, compromise machine as well. You can see exactly what use your account You are.

04:48

We have the command history. So for the Windows Command line, we can use the doskey slash history. And this will display all the previous commands that we've executed during this this command session.

05:01

Now, if we close out of this command session, it will clear this history. So if you have a specific command that you ran and you want to save it highly recommend running this dusky slash history command. But then he couldn't copy and paste the specific command out of that into a text file so you can save it for later.

05:19

Let's take a look at that. We'll do doskey history

05:26

and look at that. I have all sorts of different commands that I entered and just like we learned, if we want to be able to copy and paste text from the command line, we can right click,

05:35

do you mark and then dragged all the way down

05:40

and then hit. Enter. And it is in our clip board now that we can paste directly into a text file for later.

05:47

All right. Post assessment. Why is the system in full command. Important to a pen tester.

05:51

Is it A. It shows the domain password

05:55

Be may help display vulnerabilities. See, it gives you system privileges or D shows the curb rose to kick ranting ticket.

06:03

The answer is B. It may help display vulnerabilities

06:08

just as we learned the system in full command displays all the current information about the system to include the current patch level. So for a pen tester, you can take this information and look in different databases for exploits for that current patch level. So they're useful to be able to kind of determine how you can further compromise a machine.

06:27

It does not show the domain password does not give you system privileges, which is kind of like the root account for a Windows box. And it does not give you the curve rose to get granting ticket.

06:39

All right, so in this video we learned about the System Info Command and how we can use it. We learned the date and the time commands and how we can set a different date or time for our machine. Understood the who M. I command and how we can see which user account we're using. And we got the command history and learn how to copy and paste it into a separate file for later.

07:00

So