@echo offecho ---------------- Systeminfo ----------------systeminfoecho

1. @echo off
2.  
3. echo ---------------- Systeminfo ----------------
4. systeminfo
5. echo.
6.  
7. echo ---------------- Hostname ----------------
8. hostname
9. echo.
10.  
11. echo ---------------- Current User ----------------
12. echo %username%
13. echo.
14.  
15. echo ---------------- Current user information ----------------
16. net users %username%
17. echo.
18.  
19. echo ---------------- Administrator user information ----------------
20. net users Administrator
21. echo.
22.  
23.  
24. echo ---------------- List all users ----------------
25. net users
26. echo.
27.  
28.  
29. echo ---------------- Network information ----------------
30. ipconfig /all & route print & arp -a
31. echo.
32.  
33. echo ---------------- Environment ----------------
34. set
35. echo.
36.  
37. echo ---------------- List open connections ----------------
38. netstat -aton
39. echo.
40.  
41. echo ---------------- Firewall information ----------------
42. netsh firewall show state
43. netsh firewall show config
44. echo.
45.  
46.  
47. echo ---------------- List scheduled tasks ----------------
48. schtasks /query /fo LIST /v
49. echo.
50.  
51. echo ---------------- List windows services ----------------
52. net start
53. tasklist /SVC
54. WHERE wmic
55. IF %ERRORLEVEL% NEQ 1 wmic /locale:ms_409 service list brief > wmi.txt
56. type wmi.txt
57. echo.
58.  
59.  
60. echo ---------------- Incorrect permissions in services ----------------
61.  
62. WHERE wmic
63. IF %ERRORLEVEL% NEQ 1 GOTO WMIC_PERM
64. GOTO WMIC_NOT_FOUND:
65.  
66.  
67. :WMIC_PERM
68. for /f "tokens=2 delims='='" %%a in ('wmic service list full^|find /i "pathname"^|find /i /v "system32"') do @echo %%a >> permissions.txt
69. for /f eol^=^"^ delims^=^" %%a in (permissions.txt) do cmd.exe /c icacls %%a
70.  
71. :WMIC_NOT_FOUND:
72.  
73.  
74. WHERE sc
75. IF %ERRORLEVEL% NEQ 1 GOTO SC_PERM
76. GOTO SC_NOT_FOUND:
77.  
78.  
79. :SC_PERM
80. sc query state= all | findstr "SERVICE_NAME:" >> servicenames.txt
81. FOR /F "tokens=2 delims= " %%i in (servicenames.txt) DO @echo %%i >> services.txt
82. FOR /F %%i in (services.txt) do @sc qc %%i | findstr "BINARY_PATH_NAME" >> path.txt
83.  
84. :SC_NOT_FOUND:
85.  
86. accesschk.exe -uwcqv "Authenticated Users" * /accepteula
87. accesschk.exe -qdws "Authenticated Users" C:\Windows\ /accepteula
88. accesschk.exe -qdws Users C:\Windows\ /accepteula
89. accesschk.exe -uwqs Users C:\*.* /accepteula
90. accesschk.exe -uwqs "Authenticated Users" c:\*.* /accepteula
91. accesschk.exe -uwdqs Users C:\ /accepteula
92.  
93.  
94. echo ---------------- Incorrect permissions in folders ----------------
95.  
96. icacls "C:\Program Files\*" 2>nul | findstr "(F)" | findstr "Everyone"
97. icacls "C:\Program Files (x86)\*" 2>nul | findstr "(F)" | findstr "Everyone"
98. icacls "C:\Program Files\*" 2>nul | findstr "(F)" | findstr "BUILTIN\Users"
99. icacls "C:\Program Files (x86)\*" 2>nul | findstr "(F)" | findstr "BUILTIN\Users"
100. icacls "C:\Program Files\*" 2>nul | findstr "(M)" | findstr "Everyone"
101. icacls "C:\Program Files (x86)\*" 2>nul | findstr "(M)" | findstr "Everyone"
102. icacls "C:\Program Files\*" 2>nul | findstr "(M)" | findstr "BUILTIN\Users"
103. icacls "C:\Program Files (x86)\*" 2>nul | findstr "(M)" | findstr "BUILTIN\Users"
104.  
105.  
106. echo.
107.  
108.  
109. echo ---------------- Find unquoted paths ----------------
110. wmic service get name,displayname,pathname,startmode |findstr /i "Auto" |findstr /i /v "C:\Windows\\" |findstr /i /v """
111.  
112. echo.
113.  
114.  
115. echo ---------------- ClearText passwords ----------------
116.  
117. findstr /si password *.txt
118. findstr /si password *.xml
119. findstr /si password *.ini
120.  
121. dir /s *pass* == *cred* == *vnc* == *.config*
122. findstr /spin "password" *.*
123. findstr /spin "password" *.*
124. type c:\sysprep.inf
125. type c:\sysprep\sysprep.xml
126. type c:\unattend.xml
127. type %WINDIR%\Panther\Unattend\Unattended.xml
128. type %WINDIR%\Panther\Unattended.xml
129. dir c:*vnc.ini /s /b
130. dir c:*ultravnc.ini /s /b
131. dir c:\ /s /b | findstr /si *vnc.ini
132.  
133. reg query HKLM /f password /t REG_SZ /s
134. reg query HKCU /f password /t REG_SZ /s
135. reg query "HKLM\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogon"
136. reg query "HKLM\SYSTEM\Current\ControlSet\Services\SNMP"
137. reg query "HKCU\Software\SimonTatham\PuTTY\Sessions"
138. reg query HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4 /v password
139.  
140. reg query HKLM /f password /t REG_SZ /s
141. reg query HKCU /f password /t REG_SZ /s
142.  
143. echo.
144.  
145. echo ---------------- AlwaysInstallElevated ----------------
146.  
147. reg query HKCU\SOFTWARE\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated
148. reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\Installer /v AlwaysInstallElevated
149.  
150. echo.