Security

Windows Information Gathering: network interfaces, routing table, arp cache table

Available network interfaces:

C:\Users\admin>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : enculet
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : some.lan

Ethernet adapter Connessione di rete Bluetooth:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dispositivo Bluetooth (Personal Area Network)
Physical Address. . . . . . . . . : 5C-F3-70-74-B9-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet0:

Connection-specific DNS Suffix . : some.lan
Description . . . . . . . . . . . : Connessione di rete Gigabit Intel(R) 82574L
Physical Address. . . . . . . . . : 00-0C-29-78-72-9E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::78a9:478d:f75b:9355%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.178(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 26 May 2017 11:09:26
Lease Expires . . . . . . . . . . : 29 May 2017 14:57:50
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.52
DHCPv6 IAID . . . . . . . . . . . : 50334761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-B5-A7-DF-00-0C-29-78-72-9E
DNS Servers . . . . . . . . . . . : 192.168.0.52
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.some.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : some.lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Routing table

Read More

Windows Information Gathering: OS, hostname, user list, current user info

Get OS we’re connected to:

C:\Windows\system32> systeminfo | findstr /B /C:"OS Name" /C:"OS Version"
OS Name: Microsoft Windows 7 Professional
OS Version: 6.1.7601 Service Pack 1 Build 7601

 

Get Hostname

C:\Windows\system32> hostname
hostname_xyz

 

Get current username

C:\Windows\system32> echo %username%
username_xyz

Read More

Searching for passwords on windows filesystem and register

# The command below will search the file system for file names containing certain keywords. You can specify as many keywords as you wish.

C:\Windows\system32> dir /s *pass* == *cred* == *vnc* == *.config*

# Search certain file types for a keyword, this can generate a lot of output.

C:\Windows\system32> findstr /si password *.xml *.ini *.txt

# Similarly the two commands below can be used to grep the registry for keywords, in this case “password”.

C:\Windows\system32> reg query HKLM /f password /t REG_SZ /s
C:\Windows\system32> reg query HKCU /f password /t REG_SZ /s

Read More

4 sites where everyone can see your password

In this list you can find some interesting links that will make you doubt about your data security. Too many people thinks that give their own data to big corp means that they be protected. Actually is a big lie.

Leak forums

Here you can find a lot of (often very fresh) database of users. What does it mean? That if your data were stolen due to some attacks, everyone can see your username, passoword and e-mail.

Link

Databases.land

A very full list of leaked databases.

Read More