Advertisement
Guest User

20221215_howards_surfacepro

a guest
Dec 15th, 2022
168
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.70 KB | Cybersecurity | 0 0
  1. C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>c:\Windows\System32\certutil.exe -dump cacerts.pem
  2. X509 Certificate:
  3. Version: 1
  4. Serial Number: 01a5
  5. Signature Algorithm:
  6. Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
  7. Algorithm Parameters:
  8. 05 00
  9. Issuer:
  10. CN=GTE CyberTrust Global Root
  11. OU=GTE CyberTrust Solutions, Inc.
  12. O=GTE Corporation
  13. C=US
  14. Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
  15. Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
  16.  
  17. NotBefore: 8/12/1998 4:29 PM
  18. NotAfter: 8/13/2018 3:59 PM
  19.  
  20. Subject:
  21. CN=GTE CyberTrust Global Root
  22. OU=GTE CyberTrust Solutions, Inc.
  23. O=GTE Corporation
  24. C=US
  25. Name Hash(sha1): 697bb4081898dfa9c6208c0fa897e2f60ee66c7e
  26. Name Hash(md5): 1d4d654df8262fc7e8be90f155a00b29
  27.  
  28. Public Key Algorithm:
  29. Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
  30. Algorithm Parameters:
  31. 05 00
  32. Public Key Length: 1024 bits
  33. Public Key: UnusedBits = 0
  34. 0000 30 81 89 02 81 81 00 95 0f a0 b6 f0 50 9c e8 7a
  35. 0010 c7 88 cd dd 17 0e 2e b0 94 d0 1b 3d 0e f6 94 c0
  36. 0020 8a 94 c7 06 c8 90 97 c8 b8 64 1a 7a 7e 6c 3c 53
  37. 0030 e1 37 28 73 60 7f b2 97 53 07 9f 53 f9 6d 58 94
  38. 0040 d2 af 8d 6d 88 67 80 e6 ed b2 95 cf 72 31 ca a5
  39. 0050 1c 72 ba 5c 02 e7 64 42 e7 f9 a9 2c d6 3a 0d ac
  40. 0060 8d 42 aa 24 01 39 e6 9c 3f 01 85 57 0d 58 87 45
  41. 0070 f8 d3 85 aa 93 69 26 85 70 48 80 3f 12 15 c7 79
  42. 0080 b4 1f 05 2f 3b 62 99 02 03 01 00 01
  43. Certificate Extensions: 0
  44. Signature Algorithm:
  45. Algorithm ObjectId: 1.2.840.113549.1.1.4 md5RSA
  46. Algorithm Parameters:
  47. 05 00
  48. Signature: UnusedBits=0
  49. 0000 7f 7a 0b ab f9 cc a7 ba ad 95 cd b5 22 1f 4f ae
  50. 0010 aa c7 6d 85 5c 9d 1f 9e d8 94 cb ef 93 95 0f 0d
  51. 0020 a7 24 c4 34 85 a3 d7 b0 5b 5f 97 05 ec 8e bf 61
  52. 0030 68 f5 7c e2 d5 fa ba 4e 95 c0 b9 1e 42 8b d9 b1
  53. 0040 5c f3 ea f0 e9 18 54 63 9b 7d 55 76 f4 dc 7d b9
  54. 0050 d7 74 c8 40 df 4e 34 7b 9e 08 13 81 33 16 83 c5
  55. 0060 30 0e ab fb 3d 85 03 14 a2 73 de a6 7c a0 e3 77
  56. 0070 48 3c 2a a4 61 22 67 db 51 d9 5e e9 09 1b eb 6d
  57. Signature matches Public Key
  58. Root Certificate: Subject matches Issuer
  59. Key Id Hash(rfc-sha1): a60c1d9f61ff0717b5bf3846db4330d58eb05206
  60. Key Id Hash(sha1): 597912de6175d66fc423b7771374c796de6f8872
  61. Key Id Hash(bcrypt-sha1): d96f7667462f547917c58db4d86ad42368234265
  62. Key Id Hash(bcrypt-sha256): 6d715d0d3a76b9f0e8350632c8c98e16fb749fda8366939c7346a6e3f893ba0b
  63. Key Id Hash(md5): b9632f69390c2f2d6b23e01fec8c7389
  64. Key Id Hash(sha256): f5821f4358e777462928058e50f3c699e617c8baf1e68a945c5aa4bf7f337d95
  65. Key Id Hash(pin-sha256): EGn6R6CqT4z3ERscrqNl7q7RC//zJmDe9uBhS/rnCHU=
  66. Key Id Hash(pin-sha256-hex): 1069fa47a0aa4f8cf7111b1caea365eeaed10bfff32660def6e0614bfae70875
  67. Cert Hash(md5): ca3dd368f1035cd032fab82b59e85adb
  68. Cert Hash(sha1): 97817950d81c9670cc34d809cf794431367ef474
  69. Cert Hash(sha256): a53125188d2110aa964b02c7b7c6da3203170894e5fb71fffb6667d5e6810a36
  70. Signature Hash: e1b34a19374fc710c61667b82e8f1c2c
  71. CertUtil: -dump command completed successfully.
  72.  
  73. C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib>dir *
  74. Volume in drive C is Local Disk
  75. Volume Serial Number is CE99-32AA
  76.  
  77. Directory of C:\Program Files\Microsoft Office\root\Office16\ODBC Drivers\Salesforce\lib
  78.  
  79. 01/18/2022 06:20 PM <DIR> .
  80. 01/18/2022 06:20 PM <DIR> ..
  81. 01/18/2022 06:20 PM <DIR> 1033
  82. 01/18/2022 06:20 PM <DIR> 1036
  83. 01/18/2022 06:20 PM <DIR> 3082
  84. 01/18/2022 06:20 PM 255,048 cacerts.pem
  85. 01/18/2022 06:20 PM <DIR> LibCurl64.DllA
  86. 01/18/2022 06:20 PM <DIR> OpenSSL64.DllA
  87. 01/18/2022 06:20 PM 27,109,768 sbicudt58_64.dll
  88. 01/18/2022 06:20 PM 2,431,880 sbicuin58_64.dll
  89. 01/18/2022 06:20 PM 1,783,688 sbicuuc58_64.dll
  90. 01/18/2022 06:20 PM 320 sfodbc.did
  91. 01/18/2022 06:20 PM 17,979,800 sfodbc_sb64.dll
  92. 01/18/2022 06:19 PM 281,472 zlibwapi.dll
  93. 7 File(s) 49,841,976 bytes
  94. 7 Dir(s) 91,787,829,248 bytes free
  95. Directory of D:\
  96.  
  97. 06/15/2022 12:24 PM <DIR> Recovery
  98. 06/15/2022 04:21 AM <DIR> System Volume Information
  99. 0 File(s) 0 bytes
  100. 2 Dir(s) 364,052,480 bytes free
  101.  
  102. D:\Recovery>dir * /ah
  103. Volume in drive D is Windows RE tools
  104. Volume Serial Number is C69B-563C
  105.  
  106. Directory of D:\Recovery
  107.  
  108. 06/15/2022 12:24 PM <DIR> .
  109. 06/20/2022 07:13 PM <DIR> ..
  110. 06/20/2022 07:13 PM <DIR> Logs
  111. 06/15/2022 04:23 AM <DIR> WindowsRE
  112. 0 File(s) 0 bytes
  113. 4 Dir(s) 364,052,480 bytes free
  114.  
  115. D:\Recovery\WindowsRE>c:\Windows\System32\certutil -dump Winre.wim
  116. Private Key:
  117. 0000 4d 53 57 49 MSWI
  118. 000000 ...
  119. 22b47ce5
  120. CertUtil: -dump command completed successfully.
  121.  
  122. X:\windows\system32>NET STOP Audiosrv
  123. The Windows Audio service is stopping.
  124. The Windows Audio service was stopped successfully.
  125.  
  126.  
  127. X:\windows\system32>NET STOP AudioEndpointBuilder
  128. The Windows Audio Endpoint Builder service is stopping.
  129. The Windows Audio Endpoint Builder service was stopped successfully.
  130.  
  131.  
  132. X:\windows\system32>netstat -ano
  133.  
  134. Active Connections
  135.  
  136. Proto Local Address Foreign Address State PID
  137. TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 980
  138. TCP [::]:135 [::]:0 LISTENING 980
  139. UDP 0.0.0.0:500 *:* 468
  140. UDP 0.0.0.0:4500 *:* 468
  141. UDP [::]:500 *:* 468
  142. UDP [::]:4500 *:* 468
  143.  
  144. X:\windows\system32>
  145.  
  146.  
  147. C:\>C:\Windows\System32\certutil -dump "D:\ConnectedDevicesPlatform\Connected Devices Platform certificates.sst"
  148. ================ Certificate 0 ================
  149. ================ Begin Nesting Level 1 ================
  150. Element 0:
  151. Serial Number: 6fc1cc52d9d4b48e4d579543f3471ab2
  152. Issuer: CN=Microsoft Connected Devices Platform device certificate
  153. NotBefore: 6/15/2022 4:23 AM
  154. NotAfter: 6/16/2122 4:23 AM
  155. Subject: CN=Microsoft Connected Devices Platform device certificate
  156. Signature matches Public Key
  157. Root Certificate: Subject matches Issuer
  158. Cert Hash(sha1): 0e8a2b5060e424cc80a53dfeae28cba618daad83
  159. ---------------- End Nesting Level 1 ----------------
  160. Key Container = Microsoft Connected Devices Platform device certificate
  161. Provider = Microsoft Software Key Storage Provider
  162. Missing stored keyset
  163. CertUtil: -dump command completed successfully.
  164.  
  165. C:\>
  166.  
  167.  
  168. D:\>xcopy * /H /S e:\howardssurface\
  169. D:CDPGlobalSettings.cdp.txt
  170. D:certoutput.txt
  171. D:Recovery.txt
  172. D:ConnectedDevicesPlatform\CDPGlobalSettings.cdp
  173. D:ConnectedDevicesPlatform\Connected Devices Platform certificates.sst
  174. D:ConnectedDevicesPlatform\L.defaultuser0.cdp
  175. D:ConnectedDevicesPlatform\L.defaultuser0.cdpresource
  176. D:pem\cacerts.pem
  177. D:pem\cacerts.txt
  178. D:pem\driverstore\cacert.pem
  179. D:Recovery\Logs\BootUX (1).sqml
  180. D:Recovery\Logs\BootUX (2).sqml
  181. D:Recovery\Logs\BootUX (3).sqml
  182. D:Recovery\Logs\Reload.xml
  183. D:Recovery\WindowsRE\boot.sdi
  184. D:Recovery\WindowsRE\ReAgent.xml
  185. D:Recovery\WindowsRE\Winre.wim
  186. D:System Volume Information\tracking.log
  187. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\CDPGlobalSettings.cdp
  188. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\Connected Devices Platform certificates.sst
  189. D:windows_serviceprofiles_localservice_appdata_local_connecteddevicesplatform\L.defaultuser0.cdp
  190. 21 File(s) copied
  191.  
  192.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement