Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>c:\Windows\System32\certutil.exe -dump cacerts.pem
- X509 Certificate:
- Version: 1
- Serial Number: 01a5
- Signature Algorithm:
- Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
- Algorithm Parameters:
- 05 00
- Issuer:
- CN=GTE CyberTrust Global Root
- OU=GTE CyberTrust Solutions, Inc.
- O=GTE Corporation
- C=US
- Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
- Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
- NotBefore: 8/12/1998 4:29 PM
- NotAfter: 8/13/2018 3:59 PM
- Subject:
- CN=GTE CyberTrust Global Root
- OU=GTE CyberTrust Solutions, Inc.
- O=GTE Corporation
- C=US
- Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
- Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
- Public Key Algorithm:
- Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
- Algorithm Parameters:
- 05 00
- Public Key Length: 1024 bits
- Public Key: UnusedBits = 0
- 0000 30 81 89 02 81 81 00 95 0f a0 b6 f0 50 9c e8 7a
- 0010 c7 88 cd dd 17 0e 2e b0 94 d0 1b 3d 0e f6 94 c0
- 0020 8a 94 c7 06 c8 90 97 c8 b8 64 1a 7a 7e 6c 3c 53
- 0030 e1 37 28 73 60 7f b2 97 53 07 9f 53 f9 6d 58 94
- 0040 d2 af 8d 6d 88 67 80 e6 ed b2 95 cf 72 31 ca a5
- 0050 1c 72 ba 5c 02 e7 64 42 e7 f9 a9 2c d6 3a 0d ac
- 0060 8d 42 aa 24 01 39 e6 9c 3f 01 85 57 0d 58 87 45
- 0070 f8 d3 85 aa 93 69 26 85 70 48 80 3f 12 15 c7 79
- 0080 b4 1f 05 2f 3b 62 99 02 03 01 00 01
- Certificate Extensions: 0
- Signature Algorithm:
- Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
- Algorithm Parameters:
- 05 00
- Signature: UnusedBits=0
- 0000 7f 7a 0b ab f9 cc a7 ba ad 95 cd b5 22 1f 4f ae
- 0010 aa c7 6d 85 5c 9d 1f 9e d8 94 cb ef 93 95 0f 0d
- 0020 a7 24 c4 34 85 a3 d7 b0 5b 5f 97 05 ec 8e bf 61
- 0030 68 f5 7c e2 d5 fa ba 4e 95 c0 b9 1e 42 8b d9 b1
- 0040 5c f3 ea f0 e9 18 54 63 9b 7d 55 76 f4 dc 7d b9
- 0050 d7 74 c8 40 df 4e 34 7b 9e 08 13 81 33 16 83 c5
- 0060 30 0e ab fb 3d 85 03 14 a2 73 de a6 7c a0 e3 77
- 0070 48 3c 2a a4 61 22 67 db 51 d9 5e e9 09 1b eb 6d
- Signature matches Public Key
- Root Certificate: Subject matches Issuer
- Key Id Hash(rfc-sha1): a60c1d9f61ff0717b5bf3846db4330d58eb05206
- Key Id Hash(sha1): 597912de6175d66fc423b7771374c796de6f8872
- Key Id Hash(bcrypt-sha1): d96f7667462f547917c58db4d86ad42368234265
- Key Id Hash(bcrypt-sha256): 6d715d0d3a76b9f0e8350632c8c98e16fb749fda8366939c7346a6e3f893ba0b
- Key Id Hash(md5): b9632f69390c2f2d6b23e01fec8c7389
- Key Id Hash(sha256): f5821f4358e777462928058e50f3c699e617c8baf1e68a945c5aa4bf7f337d95
- Key Id Hash(pin-sha256): EGn6R6CqT4z3ERscrqNl7q7RC//zJmDe9uBhS/rnCHU=
- Key Id Hash(pin-sha256-hex): 1069fa47a0aa4f8cf7111b1caea365eeaed10bfff32660def6e0614bfae70875
- Cert Hash(md5): ca3dd368f1035cd032fab82b59e85adb
- Cert Hash(sha1): 97817950d81c9670cc34d809cf794431367ef474
- Cert Hash(sha256): a53125188d2110aa964b02c7b7c6da3203170894e5fb71fffb6667d5e6810a36
- Signature Hash: e1b34a19374fc710c61667b82e8f1c2c
- CertUtil: -dump command completed successfully.
- C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>dir *
- Volume in drive C is Local Disk
- Volume Serial Number is CE99-32AA
- Directory of C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib
- 01/18/2022 06:20 PM <DIR> .
- 01/18/2022 06:20 PM <DIR> ..
- 01/18/2022 06:20 PM <DIR> 1033
- 01/18/2022 06:20 PM <DIR> 1036
- 01/18/2022 06:20 PM <DIR> 3082
- 01/18/2022 06:20 PM 255,048 cacerts.pem
- 01/18/2022 06:20 PM <DIR> LibCurl64.DllA
- 01/18/2022 06:20 PM <DIR> OpenSSL64.DllA
- 01/18/2022 06:20 PM 27,109,768 sbicudt58_64.dll
- 01/18/2022 06:20 PM 2,431,880 sbicuin58_64.dll
- 01/18/2022 06:20 PM 1,783,688 sbicuuc58_64.dll
- 01/18/2022 06:20 PM 320 sfodbc.did
- 01/18/2022 06:20 PM 17,979,800 sfodbc_sb64.dll
- 01/18/2022 06:19 PM 281,472 zlibwapi.dll
- 7 File(s) 49,841,976 bytes
- 7 Dir(s) 91,787,829,248 bytes free
- Directory of D:\
- 06/15/2022 12:24 PM <DIR> Recovery
- 06/15/2022 04:21 AM <DIR> System Volume Information
- 0 File(s) 0 bytes
- 2 Dir(s) 364,052,480 bytes free
- D:\Recovery>dir * /ah
- Volume in drive D is Windows RE tools
- Volume Serial Number is C69B-563C
- Directory of D:\Recovery
- 06/15/2022 12:24 PM <DIR> .
- 06/20/2022 07:13 PM <DIR> ..
- 06/20/2022 07:13 PM <DIR> Logs
- 06/15/2022 04:23 AM <DIR> WindowsRE
- 0 File(s) 0 bytes
- 4 Dir(s) 364,052,480 bytes free
- D:\Recovery\WindowsRE>c:\Windows\System32\certutil -dump Winre.wim
- Private Key:
- 0000 4d 53 57 49 MSWI
- 000000 ...
- 22b47ce5
- CertUtil: -dump command completed successfully.
- X:\windows\system32>NET STOP Audiosrv
- The Windows Audio service is stopping.
- The Windows Audio service was stopped successfully.
- X:\windows\system32>NET STOP AudioEndpointBuilder
- The Windows Audio Endpoint Builder service is stopping.
- The Windows Audio Endpoint Builder service was stopped successfully.
- X:\windows\system32>netstat -ano
- Active Connections
- Proto Local Address Foreign Address State PID
- TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 980
- TCP [::]:135 [::]:0 LISTENING 980
- UDP 0.0.0.0:500 *:* 468
- UDP 0.0.0.0:4500 *:* 468
- UDP [::]:500 *:* 468
- UDP [::]:4500 *:* 468
- X:\windows\system32>
- C:\>C:\Windows\System32\certutil -dump "D:\ConnectedDevicesPlatform\Connected Devices Platform certificates.sst"
- ================ Certificate 0 ================
- ================ Begin Nesting Level 1 ================
- Element 0:
- Serial Number: 6fc1cc52d9d4b48e4d579543f3471ab2
- Issuer: CN=Microsoft Connected Devices Platform device certificate
- NotBefore: 6/15/2022 4:23 AM
- NotAfter: 6/16/2122 4:23 AM
- Subject: CN=Microsoft Connected Devices Platform device certificate
- Signature matches Public Key
- Root Certificate: Subject matches Issuer
- Cert Hash(sha1): 0e8a2b5060e424cc80a53dfeae28cba618daad83
- ---------------- End Nesting Level 1 ----------------
- Key Container = Microsoft Connected Devices Platform device certificate
- Provider = Microsoft Software Key Storage Provider
- Missing stored keyset
- CertUtil: -dump command completed successfully.
- C:\>
- D:\>xcopy * /H /S e:\howardssurface\
- D:CDPGlobalSettings.cdp.txt
- D:certoutput.txt
- D:Recovery.txt
- D:ConnectedDevicesPlatform\CDPGlobalSettings.cdp
- D:ConnectedDevicesPlatform\Connected Devices Platform certificates.sst
- D:ConnectedDevicesPlatform\L.defaultuser0.cdp
- D:ConnectedDevicesPlatform\L.defaultuser0.cdpresource
- D:pem\cacerts.pem
- D:pem\cacerts.txt
- D:pem\driverstore\cacert.pem
- D:Recovery\Logs\BootUX (1).sqml
- D:Recovery\Logs\BootUX (2).sqml
- D:Recovery\Logs\BootUX (3).sqml
- D:Recovery\Logs\Reload.xml
- D:Recovery\WindowsRE\boot.sdi
- D:Recovery\WindowsRE\ReAgent.xml
- D:Recovery\WindowsRE\Winre.wim
- D:System Volume Information\tracking.log
- D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\CDPGlobalSettings.cdp
- D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\Connected Devices Platform certificates.sst
- D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\L.defaultuser0.cdp
- 21 File(s) copied
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement