System Information

MITRE ATT&CK™ System Information Discovery - Technique T1082

Theory

This page provides useful commands for Windows system enumeration that can be used to query important OS related informations.

Practice

Windows Version

Following commands can be use to enumerate Windows OS version

#Displays the operating system version number.
ver

#Displays detailed configuration information about the computer
systeminfo

Hotfixes & Service Packs

Following commands can be use to enumerate Windows hotfixes and service Packs

#Display hotfixes and service packs
wmic qfe list

#Display detailed configuration information about the computer
systeminfo

Architecture

Following commands can be use to enumerate Windows OS architecture

#The existence of "Program Files (x86)" means machine is a 64bits
dir /a c:\

#Display OS architecture
wmic cpu get datawidth /format:list

#Displays detailed configuration information about the computer
systeminfo

Last updated 1 year ago