blind and cmd startings

nuryslyrt · Oct 29, 2013 · 8ca4bbc · 8ca4bbc
1 parent 7385cfb
commit 8ca4bbc
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/wiki/windows_blind.md b/wiki/windows_blind.md
@@ -0,0 +1,9 @@
+# Windows Blind Files
+
+In some cases during exploitation you as an attacker gain the ability to read are "verify" arbitrary files. As an attacker you need go-to files that cover as many versions as possible in order to either confirm exploitation or gather intelligence on the exploited system. This is what a "blind file" is.
+
+| File		| Description / Importance |
+| -------- | ------------------------- |
+|  %SYSTEMDRIVE%\boot.ini  | A file that can be counted on to be on virtually every windows host. Helps with confirmation that a read is happening. **WARNING - in more recent versions of Windows this file in no longer there.** |
+|  %WINDIR%\win.ini  |  This is another file that can be counted on to be readable by all users of a system. |
+| %SYSTEMROOT%\repair\SAM <br> %SYSTEMROOT%\System32\config\RegBack\SAM | |
diff --git a/wiki/windows_cmd.md b/wiki/windows_cmd.md
@@ -0,0 +1,8 @@
+# Windows CMD Commands
+
+Command that can be executed from teh context of the CMD.exe prompt.
+
+  * [Config Commands](windows_cmd_config.md) - Commands that display information about the configuration of the victim
+  * [Network Commands](windows_cmd_network.md) - Commands used for gathering information about the network settings and connections of a system.
+  * [Remote Acccess Commands](windows_cmd_remote.md) - Commands to remotely administer systems.
+