# HTB ACADEMY — Windows Fundamentals

{% embed url="<https://academy.hackthebox.com/module/49/section/>" %}

## **Introduction**

### 2 - Introduction to Windows

First search powershell in the app input bar and launch it.

**Question : What is the Build Number of the target workstation?**

<figure><img src="/files/SxVVeMTrxPXjjTQkIe0A" alt=""><figcaption></figcaption></figure>

> Answer : 19041

**Question : Which Windows NT version is installed on the workstation? (i.e. Windows X - case sensitive)**

According to the table in the text : version 10.0 is for Windows 10

> Answer : Windows 10

## **Core of the Operating System**

### 1 - Operating System Structure

**Question : Find the non-standard directory in the C drive. Submit the contents of the flag file saved in this directory.**

Run the tree command given in the explaination.

<figure><img src="/files/XZcyBK25aHLZHKQDbqgv" alt=""><figcaption></figcaption></figure>

Then, go to the directory and display the flag.txt file content :&#x20;

> Answer : c8fe8d977d3a0c655ed7cf81e4d13c75

### 2 - File System&#x20;

**Question : What system user has full control over the c:\users directory?**

<figure><img src="/files/GZYB6YTAKDgSqoeRXpY5" alt=""><figcaption></figcaption></figure>

> Answer : bob.smith

### 3 - NTFS vs. Share Permissions

**Question : What protocol discussed in this section is used to share resources on the network using Windows? (Format: case sensitive)**

> Answer : SMB

**Question : What is the name of the utility that can be used to view logs made by a Windows system? (Format: 2 words, 1 space, not case sensitive)**

> Answer : Event Viewer

**Question : What is the full directory path to the Company Data share we created?**

> Answer : C:\Users\htb-student\Desktop\Company Data

## **Working with Services & Processes**

### Windows Services & Processes

**Question : Identify one of the non-standard update services running on the host. Submit the full name of the service executable (not the DisplayName) as your answer.**

<figure><img src="/files/NDpKeJzeoT6YQLZ54c9e" alt=""><figcaption></figcaption></figure>

> Answer : FoxitReaderUpdateService.exe

###  Service permisssion :&#x20;

> No answer needeed&#x20;

## **Interacting with Windows**

### Windows Sessions

> No answer needed&#x20;

## Interacting with the Windows Operating System

**Questions : What is the alias set for the ipconfig.exe command?**

<figure><img src="/files/kmp1yp9hVW15wUkeAVix" alt=""><figcaption></figcaption></figure>

>

After execution, we can see this line :&#x20;

```
Alias ifconfig -> ipconfig.exe    
Alias (alias name) -> (executed script)
```

> Answer : ifconfig&#x20;

**Question : Find the Execution Policy set for the LocalMachine scope.**

<figure><img src="/files/cNBqZ4F8B3jwq9zbAImd" alt=""><figcaption></figcaption></figure>

> Answer : Unrestricted&#x20;

## Windows Management Instrumentation (WMI):&#x20;

**Question : Use WMI to find the serial number of the system.**

<figure><img src="/files/3li98Om2KeCcz9G4Q41b" alt=""><figcaption></figcaption></figure>

> Answer : 00329-10280-00000-AA938

TODO :tada:


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://yannis-mlgrn.gitbook.io/writeups/hackthebox/htb-academy-windows-fundamentals.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.