Initial Enumeration made as the merlin user
Continuing the Post Enumeration
System
ps c:\windows\system32\inetsrv> systeminfo
host name: BOUNTY
os name: Microsoft Windows Server 2008 R2 Datacenter
os version: 6.1.7600 N/A Build 7600
os manufacturer: Microsoft Corporation
os configuration: Standalone Server
os build type: Multiprocessor Free
registered owner: Windows User
registered organization:
product id: 55041-402-3606965-84760
original install date: 5/30/2018, 12:22:24 AM
system boot time: 10/8/2022, 11:26:40 PM
system manufacturer: VMware, Inc.
system model: VMware Virtual Platform
system type: x64-based PC
processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 23 Model 49 Stepping 0 AuthenticAMD ~2994 Mhz
bios version: Phoenix Technologies LTD 6.00, 12/12/2018
windows directory: C:\Windows
system directory: C:\Windows\system32
boot device: \Device\HarddiskVolume1
system locale: en-us;English (United States)
input locale: en-us;English (United States)
time zone: (UTC+02:00) Athens, Bucharest, Istanbul
total physical memory: 2,047 MB
available physical memory: 1,580 MB
virtual memory: Max Size: 4,095 MB
virtual memory: Available: 3,555 MB
virtual memory: In Use: 540 MB
page file location(s): C:\pagefile.sys
domain: WORKGROUP
logon server: N/A
hotfix(s): N/A
network card(s): 1 NIC(s) Installed.
[01]: Intel(R) PRO/1000 MT Network Connection
connection name: Local Area Connection
dhcp enabled: No
IP address(es)
[01]: 10.10.10.93Networks
PS C:\windows\system32\inetsrv> netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 680
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 360
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 764
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 804
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING 464
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING 472
TCP 10.10.10.93:139 0.0.0.0:0 LISTENING 4
TCP 10.10.10.93:49158 10.10.14.5:9999 ESTABLISHED 2608
TCP 10.10.10.93:49162 10.10.14.5:9998 ESTABLISHED 2532
TCP [::]:80 [::]:0 LISTENING 4
TCP [::]:135 [::]:0 LISTENING 680
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49152 [::]:0 LISTENING 360
TCP [::]:49153 [::]:0 LISTENING 764
TCP [::]:49154 [::]:0 LISTENING 804
TCP [::]:49155 [::]:0 LISTENING 464
TCP [::]:49156 [::]:0 LISTENING 472
UDP 0.0.0.0:123 *:* 860
UDP 0.0.0.0:5355 *:* 940
UDP 10.10.10.93:137 *:* 4
UDP 10.10.10.93:138 *:* 4
UDP [::]:123 *:* 860Users & Groups
ps c:\windows\system32\inetsrv> net user
User accounts for \\BOUNTY
-------------------------------------------------------------------------------
Administrator Guest merlin
The command completed successfully.ps c:\windows\system32\inetsrv> net localgroup
Aliases for \\BOUNTY
-------------------------------------------------------------------------------
*Administrators
*Backup Operators
*Certificate Service DCOM Access
*Cryptographic Operators
*Distributed COM Users
*Event Log Readers
*Guests
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Print Operators
*Remote Desktop Users
*Replicator
*Users
The command completed successfully.