Conclusion 🧅

The focus of this room was on built-in command-line tools in both Linux and MS Windows systems. Many commands exist in both systems, although the command arguments and resulting output are different. The following tables show the primary Linux and MS Windows commands that we relied on to get more information about the system.

Linux Command	Description
hostname	shows the system’s hostname
who	shows who is logged in
whoami	shows the effective username
w	shows who is logged in and what they are doing
last	shows a listing of the last logged-in users
ip address show	shows the network interfaces and addresses
arp	shows the ARP cache
netstat	prints network connections
ps	shows a snapshot of the current processes

Windows Command	Description
systeminfo	shows OS configuration information, including service pack levels
whoami	shows the user name and group information along with the respective security identifiers
netstat	shows protocol statistics and current TCP/IP network connections
net user	shows the user accounts on the computer
net localgroup	shows the local groups on the computer
arp	shows the IP-to-Physical address translation tables

This room focused on post-exploitation enumeration of a Linux or MS Windows machine. For enumeration related to Active Directory, we recommend that you join the Enumerating AD room.