First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)
Once you got the meterpreter session use ‘shell ‘command to get command prompt of the target.
Now type wmic /? Displays help
wmic cpu list full – get Name, Caption, MaxClockSpeed, DeviceID, and etc status
wmic memory chip – to get get Bank Label, Capacity, Caption, Creation ClassName, DataWidth, Description, Device locator, Form Factor, HotSwappable, Install Date etc.
wmic process list full – to get Caption, CommandLine, Handle, HandleCount, PageFaults, PageFileUsage, PArentProcessId, ProcessId, ThreadCount
wmic startup – to get Caption, Location, Command
wmic bios – get name, version, serial number
wmic bootconfig – get BootDirectory, Caption, TempDirectory, Lastdrive
wmic startup – get Caption, Location, Command
wmic useraccount – get Account Type, Description, Domain, Disabled, Local Account, Lockout, Password Changeable, Password Expires, Password Required, SID
wmic driver – get Caption, Name, PathName, ServiceType, State, Status
wmic share – get name, path, status
| baseboard | get Manufacturer, Model, Name, PartNumber, slotlayout, serialnumber, poweredon |
| cdrom | get Name, Drive, Volumename |
| computersystem | get Name, domain, Manufacturer, Model, NumberofProcessors, PrimaryOwnerName,Username, Roles, totalphysicalmemory /format:list |
| datafile | where name=’c:\\boot.ini’ get Archive, FileSize, FileType, InstallDate, Readable, Writeable, System, Version |
| dcomapp | get Name, AppID /format:list |
| desktop | get Name, ScreenSaverExecutable, ScreenSaverActive, Wallpaper /format:list |
| desktopmonitor | get screenheight, screenwidth |
| diskdrive | get Name, Manufacturer, Model, InterfaceType, MediaLoaded, MediaType |
| diskquota | get User, Warninglimit, DiskSpaceUsed, QuotaVolume |
| environment | get Description, VariableValue |
| fsdir | where name=’c:\\windows’ get Archive, CreationDate, LastModified, Readable, Writeable, System, Hidden, Status |
| group | get Caption, InstallDate, LocalAccount, Domain, SID, Status |
| idecontroller | get Name, Manufacturer, DeviceID, Status |
| irq | get Name, Status |
| job | get Name, Owner, DaysOfMonth, DaysOfWeek, ElapsedTime, JobStatus, StartTime, Status |
| loadorder | get Name, DriverEnabled, GroupOrder, Status |
| logicaldisk | get Name, Compressed, Description, DriveType, FileSystem, FreeSpace, SupportsDiskQuotas, VolumeDirty, VolumeName |
| memcache | get Name, BlockSize, Purpose, MaxCacheSize, Status |
| memlogical | get AvailableVirtualMemory, TotalPageFileSpace, TotalPhysicalMemory, TotalVirtualMemory |
| memphysical | get Manufacturer, Model, SerialNumber, MaxCapacity, MemoryDevices |
| netclient | get Caption, Name, Manufacturer, Status |
| netlogin | get Name, Fullname, ScriptPath, Profile, UserID, NumberOfLogons, PasswordAge, LogonServer, HomeDirectory, PrimaryGroupID |
| netprotocol | get Caption, Description, GuaranteesSequencing, SupportsBroadcasting, SupportsEncryption, Status |
| netuse | get Caption, DisplayType, LocalName, Name, ProviderName, Status |
| nic | get AdapterType, AutoSense, Name, Installed, MACAddress, PNPDeviceID,PowerManagementSupported, Speed, StatusInfo |
| nicconfig | get MACAddress, DefaultIPGateway, IPAddress, IPSubnet, DNSHostName, DNSDomain |
| ntdomain | get Caption, ClientSiteName, DomainControllerAddress, DomainControllerName, Roles, Status |
| ntevent | where (LogFile=’system’ and SourceName=’W32Time’) get Message, TimeGenerated |
| onboarddevice | get Description, DeviceType, Enabled, Status |
| os | get Version, Caption, CountryCode, CSName, Description, InstallDate, SerialNumber, ServicePackMajorVersion, WindowsDirectory /format:list |
| pagefile | get Caption, CurrentUsage, Status, TempPageFile |
| pagefileset | get Name, InitialSize, MaximumSize |
| partition | get Caption, Size, PrimaryPartition, Status, Type |
| printer | get DeviceID, DriverName, Hidden, Name, PortName, PowerManagementSupported, PrintJobDataType, VerticalResolution, Horizontalresolution |
| printjob | get Description, Document, ElapsedTime, HostPrintQueue, JobID, JobStatus, Name, Notify, Owner, TimeSubmitted, TotalPages |
| product | get Description, InstallDate, Name, Vendor, Version |
| qfe | get description, FixComments, HotFixID, InstalledBy, InstalledOn, ServicePackInEffect |
| quotasetting | get Caption, DefaultLimit, Description, DefaultWarningLimit, SettingID, State |
| recoveros | get AutoReboot, DebugFilePath, WriteDebugInfo, WriteToSystemLog |
| Registry | get CurrentSize, MaximumSize, ProposedSize, Status |
| scsicontroller | get Caption, DeviceID, Manufacturer, PNPDeviceID |
| server | get ErrorsAccessPermissions, ErrorsGrantedAccess, ErrorsLogon, ErrorsSystem, FilesOpen, FileDirectorySearches |
| service | get Name, Caption, State, ServiceType, StartMode, pathname |
| sounddev | get Caption, DeviceID, PNPDeviceID, Manufacturer, status |
| sysaccount | get Caption, Domain, Name, SID, SIDType, Status |
| systemenclosure | get Caption, Height, Depth, Manufacturer, Model, SMBIOSAssetTag, AudibleAlarm, SecurityStatus, SecurityBreach, PoweredOn, NumberOfPowerCords |
| systemslot | get Number, SlotDesignation, Status, SupportsHotPlug, Version, CurrentUsage, ConnectorPinout |
| tapedrive | get Name, Capabilities, Compression, Description, MediaType, NeedsCleaning, Status, StatusInfo |
| timezone | get Caption, Bias, DaylightBias, DaylightName, StandardName |