Windows PrivEsc

Uploaded by

0xt3st

Password Mining

  # find the string 'password' in all files of certain file type
  findstr /si password *.txt
  findstr /si password *.xml
  findstr /si password *.ini

  # Find all these strings in config files.
  dir /s *pass* == *cred* == *vnc* == *.config*

  # Find all passwords in all files.
  findstr /spin "password" *.*
  dir /s *password*

System Information
  Figure Out username, groups, OS, & Kernel Versions
  whoami /priv
  net user <username> #to get user and group info

  OS INFO
  systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Type"

Try Quick Wins First

stored Windows credentials

Run Auto scripts
  Start with PowerUP/SharpUP
  winpeas.exe cmd wait
  seatbelt.exe
  run jaws

READ ALL THE ENUMERATION and add investigation points based on the findings.

Find a writable folder
  # Default writable folders
  C:\Windows\System32\Microsoft\Crypto\RSA\MachineKeys
  C:\Windows\System32\spool\drivers\color
  C:\Windows\Tasks
  C:\windows\tracing1
  c:\
  C:\users\public

Look for installed programs in C:\ & Program Files

Non standard windows services

Unquoted Service Path & Service exploits
  Mod binary Service Path
  service binary permissions
  service config permissions
  named pipes
  Install the service in local VM if possible

DLL Hijacking
  Procmon.exe
  .dll loads from insecure directories
  .exe loads from insecure directory

Registry exploits
  Always Elevated
  password can be found here too

Scheduled task
  schtasks /query /fo LIST /v
  GUI

running services & startup apps
  net start

Scheduled tasks

Installed apps
  find version and search for exploit

Unattended Installs

Admin Processes

Interesting files available to user

Review Scan data if you can't find anything again
