HTB ACADEMY — Windows Fundamentals

Introduction

2 - Introduction to Windows

First, search for PowerShell in the app search bar and launch it.

Question : What is the Build Number of the target workstation?

Answer : 19041

Question : Which Windows NT version is installed on the workstation? (i.e. Windows X - case sensitive)

According to the table in the text, version 10.0 corresponds to Windows 10.

Answer : Windows 10

Core of the Operating System

1 - Operating System Structure

Question : Find the non-standard directory in the C drive. Submit the contents of the flag file saved in this directory.

Run the tree command given in the explanation.

Then go to that directory and display the contents of the flag.txt file:

Answer : c8fe8d977d3a0c655ed7cf81e4d13c75

2 - File System

Question : What system user has full control over the c:\users directory?

Answer : bob.smith

3 - NTFS vs. Share Permissions

Question : What protocol discussed in this section is used to share resources on the network using Windows? (Format: case sensitive)

Answer : SMB

Question : What is the name of the utility that can be used to view logs made by a Windows system? (Format: 2 words, 1 space, not case sensitive)

Answer : Event Viewer

Question : What is the full directory path to the Company Data share we created?

Answer : C:\Users\htb-student\Desktop\Company Data

Working with Services & Processes

Windows Services & Processes

Question : Identify one of the non-standard update services running on the host. Submit the full name of the service executable (not the DisplayName) as your answer.

Answer : FoxitReaderUpdateService.exe

Service permission :

No answer needed

Interacting with Windows

Windows Sessions

No answer needed

Interacting with the Windows Operating System

Question : What is the alias set for the ipconfig.exe command?

After running the command, this line appears in the output:

Alias ifconfig -> ipconfig.exe
Alias (alias name) -> (executed script)

Answer : ifconfig

Question : Find the Execution Policy set for the LocalMachine scope.

Answer : Unrestricted

Windows Management Instrumentation (WMI)

Question : Use WMI to find the serial number of the system.

Answer : 00329-10280-00000-AA938

TODO 🎉
