Last active
October 25, 2025 16:57
Revisions
xorrior revised this gist
Jul 13, 2019 . 1 changed file with 3 additions and 1 deletion.
@@ -13,7 +13,7 @@ wmic /namespace:\\root\securitycenter2 path antivirusproduct wmic path Win32_PnPdevice --- Installed Updates --- wmic qfe list brief --- Directory Listing and File Search --- @@ -35,6 +35,7 @@ wmic NTDOMAIN GET DomainControllerAddress,DomainName,Roles /VALUE wmic /NAMESPACE:\\root\directory\ldap PATH ds_user where "ds_samaccountname='testAccount'" GET --- List All Users --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_user GET ds_samaccountname @@ -46,6 +47,7 @@ wmic /NAMESPACE:\\root\directory\ldap PATH ds_group GET ds_samaccountname --- Members of A Group --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_group where "ds_samaccountname='Domain Admins'" Get ds_member /Value wmic path win32_groupuser where (groupcomponent="win32_group.name="domain admins",domain="YOURDOMAINHERE"") --- List All Computers ---
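Review bot: the `win32_groupuser` line added under "Members of A Group" nests unescaped double quotes inside the double-quoted `groupcomponent` value (`groupcomponent="win32_group.name="domain admins",domain="YOURDOMAINHERE""`), so it is ambiguous where the value ends. The commonly documented form of this query escapes the inner quotes with a backslash; I would write it that way and add a short remark that `YOURDOMAINHERE` is a placeholder the reader must replace, since nothing else in the file marks it as one.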
xorrior revised this gist
Jun 13, 2016 . 1 changed file with 1 addition and 1 deletion.
@@ -12,7 +12,7 @@ wmic /namespace:\\root\securitycenter2 path antivirusproduct --- Peripherals --- wmic path Win32_PnPdevice --- Installed Updates --- wmic gfe list brief --- Directory Listing and File Search ---
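Review bot: the command under the "Installed Updates" heading still reads `wmic gfe list brief`, and `gfe` is not a WMIC alias. The alias for Win32_QuickFixEngineering is `qfe`, so the line should be `wmic qfe list brief`; fixing it in the same change as the heading would keep the entry usable as written.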
xorrior created this gist
Jun 10, 2016 .
@@ -0,0 +1,70 @@ Host Enumeration: --- OS Specifics --- wmic os LIST Full (* To obtain the OS Name, use the "caption" property) wmic computersystem LIST full --- Anti-Virus --- wmic /namespace:\\root\securitycenter2 path antivirusproduct --- Peripherals --- wmic path Win32_PnPdevice --- Install Updates --- wmic gfe list brief --- Directory Listing and File Search --- wmic DATAFILE where "path='\\Users\\test\\Documents\\'" GET Name,readable,size wmic DATAFILE where "drive='C:' AND Name like '%password%'" GET Name,readable,size /VALUE --- Local User Accounts --- wmic USERACCOUNT Get Domain,Name,Sid Domain Enumeration: --- Domain and DC Info --- wmic NTDOMAIN GET DomainControllerAddress,DomainName,Roles /VALUE --- Domain User Info --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_user where "ds_samaccountname='testAccount'" GET --- List All Users --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_user GET ds_samaccountname --- List All Groups --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_group GET ds_samaccountname --- Members of A Group --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_group where "ds_samaccountname='Domain Admins'" Get ds_member /Value --- List All Computers --- wmic /NAMESPACE:\\root\directory\ldap PATH ds_computer GET ds_samaccountname OR wmic /NAMESPACE:\\root\directory\ldap PATH ds_computer GET ds_dnshostname Misc: --- Execute Remote Command --- wmic process call create "cmd.exe /c calc.exe" --- Enable Remote Desktop --- wmic rdtoggle where AllowTSConnections="0" call SetAllowTSConnections "1" OR wmic /node:remotehost path Win32_TerminalServiceSetting where AllowTSConnections="0" call SetAllowTSConnections "1"
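Review bot: the "Execute Remote Command" heading in the Misc section does not match the command beneath it. `wmic process call create "cmd.exe /c calc.exe"` names no target host, unlike the `/node:remotehost` variant under "Enable Remote Desktop", so as written it acts on the local machine. Retitle the entry to say what the line does, and keep the heading style consistent with the other entries so a reader can tell local from remote forms at a glance.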