π Windows File System Navigation & System Information
(Beginner-Friendly Notes for Ethical Hacking / Windows Basics)
1οΈβ£ Windows Command Line Basics (CMD)
πΉ Command Prompt (cmd.exe)
- Windows command-line interface
- Used to navigate files, run commands, and gather system info
- Commands are NOT case-sensitive
cd desktop
cd Desktop
cd DESKTOP
βοΈ All work the same, even though actual folder name is Desktop
2οΈβ£ Changing Directories (cd Command)
πΉ Move to Another Folder
cd Desktop
β‘οΈ Moves into the Desktop directory
πΉ Go Back One Level (Parent Directory)
cd ..
πΉ Go to Root Directory
cd /
or
cd \
π Example:
C:\Users\F C\Desktop> cd /
C:\>
βοΈ You are now in the root directory
3οΈβ£ Understanding Root Directory (C:\)
- Root directory = starting point of the Windows file system
- Example:
C:\
Common Root Folders
| Folder | Purpose |
|---|---|
Windows |
OS files |
Program Files |
64-bit apps |
Program Files (x86) |
32-bit apps |
Users |
User accounts |
ProgramData |
Shared app data (hidden) |
4οΈβ£ Listing Files & Folders (dir Command)
πΉ Basic Listing
dir
π Shows:
- Files
- Folders (
<DIR>) - File size
- Date & time
βοΈ dir is a built-in command in cmd.exe
πΉ Directory Symbols
| Symbol | Meaning |
|---|---|
. |
Current directory |
.. |
Parent directory |
5οΈβ£ Showing Hidden Files (dir /a)
πΉ Command
dir /a
π /a = show ALL files, including:
- Hidden
- System
- Junctions
- Symbolic links
Example Output Explained
<SYMLINKD> All Users -> C:\ProgramData
<JUNCTION> Default User -> C:\Users\Default
βοΈ These are links, not real folders
6οΈβ£ Windows Users Directory (C:\Users)
Structure
C:\Users
βββ Public
βββ F C
βββ Default
πΉ Public Folder
- Shared by all users
- Any user can access files inside
πΉ User Folder (F C)
- Created at first login
-
Contains:
- Desktop
- Documents
- Downloads
- AppData
πΉ Multiple Users in Windows
- Windows supports multiple users
-
Each user has:
- Separate files
- Separate settings
- Separate Temp files
C:\Users\<username>\AppData\Local\Temp
π New users can be created from:
- Control Panel
- Settings β Accounts
- Or via admin commands
7οΈβ£ AppData Folder (Important for Hackers)
π Path:
C:\Users\F C\AppData
| Folder | Purpose |
|---|---|
| Local | App cache, temp data |
| Roaming | Syncable user data |
| LocalLow | Low-privilege apps |
π Hidden by default
8οΈβ£ System Information (systeminfo)
πΉ Basic Command
systeminfo
What It Shows
- OS version
- Build number
- Installed hotfixes
- Hardware info
- Network info
- Boot time
βοΈ Very useful for enumeration
πΉ Invalid Syntax Example (Corrected)
β Wrong:
systeminfo -S
βοΈ Correct:
systeminfo /S system_name
πΉ Help Menu
systeminfo /?
Shows all valid options:
-
/Sβ Remote system -
/Uβ Username -
/Pβ Password -
/FOβ Output format (TABLE / LIST / CSV)
9οΈβ£ Environment Variables
πΉ Linux vs Windows Syntax
| OS | Syntax |
|---|---|
| Linux | $USER |
| Windows | %USERNAME% |
β Wrong:
echo $username
βοΈ Correct:
echo %username%
Output
F C
πΉ View All Variables
set
πΉ Custom Variable Example
set samina="sajjad"
echo %samina%
π Variables set like this:
- Are temporary
- Reset after closing CMD
π External System Tools (Sysinternals)
πΉ Why Needed?
Some commands like psinfo:
- β Not built-in
- βοΈ Must be downloaded
πΉ Sysinternals Suite
- Official Microsoft tools
-
Used for:
- System enumeration
- Process analysis
- Memory inspection
π₯ Download:
https://learn.microsoft.com/en-us/sysinternals/downloads
πΉ Example: psinfo
Shows:
- Uptime
- Kernel version
- CPU info
- RAM
- Video driver
βοΈ Useful for post-exploitation enumeration
1οΈβ£1οΈβ£ Key Takeaways (Quick Revision)
-
cdβ change directory -
cd /β root directory -
dirβ list files -
dir /aβ show hidden files -
%USERNAME%β Windows variable syntax -
systeminfoβ OS & hardware info - Sysinternals β advanced enumeration tools
-
Each Windows user has:
- Separate profile
- Separate temp files
- Separate AppData
Top comments (0)