WinPrivEsc Methods and commands - Part 2

1. route print --> This command will display the network routing table, gateway, interface and metric. The output of this command also includes the following sections: Interface List, IPv4 Route Table, and IPv6 Route Table.

2. ipconfig --> This command will show you a lot of useful things like your IP, Gateway, DNS in use, etc. This command will give all that info but for all networks, you might have it. It also provides you all the valuable information about Firewall, etc. This is quiet helpful if you want to find default gateway and scan for the other network devices in the subnet.

3. arp -a --> This command shows you the arp table. However, you can check if anyone has poisoned arp on your LAN using this command.

4. netstat -ano --> This command will display the status of the connection. Now this command is more important and useful to find out if there is any listening ports and active incoming/outgoing connection available.

5. tasklist --> This command opens up an entire task manager on the command prompt. Users just need to enter this command on the present shell and they will see the list of all running process. There are many options available. For example, If you want to kill a specific task (say task having PID 1212) from the process, use taskkill /PID 1212 /F.

6. tracert --> This command helps you to follow the route when a packed IP is ready to hit a target. It also estimates and demonstrates the time it takes for the hop to reach a destination. This quiet useful for finding if the target is connected to any proxy server etc.

7. getmac --> Getmac command is used to access the MAC address. For instance, you have a separate MAC address on your Ethernet, WLAN. The Getmac command is then used to access the MAC address in the hardware of the computer.

Stay tuned for Part 3

🔗