📘 Windows File System Navigation & System Information
(Beginner-Friendly Notes for Ethical Hacking / Windows Basics)
1️⃣ Windows Command Line Basics (CMD)
🔹 Command Prompt (cmd.exe)
- Windows command-line interface
- Used to navigate files, run commands, and gather system info
- Commands are NOT case-sensitive
cd desktop
cd Desktop
cd DESKTOP
✔️ All work the same, even though the actual folder name is Desktop
2️⃣ Changing Directories (cd Command)
🔹 Move to Another Folder
cd Desktop
➡️ Moves into the Desktop directory
🔹 Go Back One Level (Parent Directory)
cd ..
🔹 Go to Root Directory
cd /
or
cd \
📌 Example:
C:\Users\F C\Desktop> cd /
C:\>
✔️ You are now in the root directory
3️⃣ Understanding Root Directory (C:\)
- Root directory = starting point of the Windows file system
- Example:
C:\
Common Root Folders
| Folder | Purpose |
|---|---|
| Windows | OS files |
| Program Files | 64-bit apps |
| Program Files (x86) | 32-bit apps |
| Users | User accounts |
| ProgramData | Shared app data (hidden) |
4️⃣ Listing Files & Folders (dir Command)
🔹 Basic Listing
dir
📌 Shows:
- Files
- Folders (<DIR>)
- File size
- Date & time
✔️ dir is a built-in command in cmd.exe
🔹 Directory Symbols
| Symbol | Meaning |
|---|---|
| . | Current directory |
| .. | Parent directory |
5️⃣ Showing Hidden Files (dir /a)
🔹 Command
dir /a
📌 /a = show ALL files, including:
- Hidden
- System
- Junctions
- Symbolic links
Example Output Explained
<SYMLINKD> All Users -> C:\ProgramData
<JUNCTION> Default User -> C:\Users\Default
✔️ These are links, not real folders
6️⃣ Windows Users Directory (C:\Users)
Structure
C:\Users
├── Public
├── F C
├── Default
🔹 Public Folder
- Shared by all users
- Any user can access files inside
🔹 User Folder (F C)
- Created at first login
- Contains:
  - Desktop
  - Documents
  - Downloads
  - AppData
🔹 Multiple Users in Windows
- Windows supports multiple users
- Each user has:
  - Separate files
  - Separate settings
  - Separate Temp files
C:\Users\<username>\AppData\Local\Temp
📌 New users can be created from:
- Control Panel
- Settings → Accounts
- Or via admin commands
7️⃣ AppData Folder (Important for Hackers)
📍 Path:
C:\Users\F C\AppData
| Folder | Purpose |
|---|---|
| Local | App cache, temp data |
| Roaming | Syncable user data |
| LocalLow | Low-privilege apps |
📌 Hidden by default
8️⃣ System Information (systeminfo)
🔹 Basic Command
systeminfo
What It Shows
- OS version
- Build number
- Installed hotfixes
- Hardware info
- Network info
- Boot time
✔️ Very useful for enumeration
🔹 Invalid Syntax Example (Corrected)
❌ Wrong:
systeminfo -S
✔️ Correct:
systeminfo /S system_name
🔹 Help Menu
systeminfo /?
Shows all valid options:
- /S → Remote system
- /U → Username
- /P → Password
- /FO → Output format (TABLE / LIST / CSV)
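For patch auditing, the CSV form of `systeminfo` is the easiest to process. The following is an added example, not part of the original notes: it parses `systeminfo /FO CSV` output and lists baseline hotfixes a host does not report. The sample row, host name and KB numbers are constructed, and the column names assume an English-language Windows install.

```python
import csv
import io
import re

# Constructed sample of `systeminfo /FO CSV` output, trimmed to a few columns.
# Column names are those of an English-language Windows install (assumption).
SAMPLE_CSV = (
    '"Host Name","OS Name","OS Version","System Boot Time","Hotfix(s)"\r\n'
    '"LAB-PC01","Microsoft Windows 10 Pro","10.0.19045 N/A Build 19045",'
    '"1/15/2024, 8:02:11 AM",'
    '"3 Hotfix(s) Installed.,[01]: KB5000001,[02]: KB5000002,[03]: KB5000003"\r\n'
)

# Placeholder KB numbers standing in for an organisation's patch baseline.
REQUIRED_KBS = {"KB5000002", "KB5000004"}


def parse_systeminfo_csv(text):
    """Return one summary dict per host row in systeminfo CSV output."""
    hosts = []
    for row in csv.DictReader(io.StringIO(text, newline="")):
        field = lambda name: row.get(name) or ""  # tolerate short rows
        # "10.0.19045 N/A Build 19045" -> version string and build number
        m = re.match(r"(\S+).*?Build\s+(\d+)", field("OS Version"))
        hosts.append({
            "host": field("Host Name"),
            "os": field("OS Name"),
            "version": m.group(1) if m else None,
            "build": int(m.group(2)) if m else None,
            "boot_time": field("System Boot Time"),
            # Pull KB ids out of the free-text hotfix field.
            "hotfixes": sorted(set(re.findall(r"KB\d+", field("Hotfix(s)")))),
        })
    return hosts


def missing_hotfixes(host, required):
    """KBs in the baseline that the host does not report as installed."""
    return sorted(set(required) - set(host["hotfixes"]))


if __name__ == "__main__":
    for h in parse_systeminfo_csv(SAMPLE_CSV):
        print(h["host"], h["version"], "build", h["build"], "booted", h["boot_time"])
        print("  installed:", ", ".join(h["hotfixes"]))
        print("  missing  :", ", ".join(missing_hotfixes(h, REQUIRED_KBS)) or "none")
```

On a real machine, save the output with `systeminfo /FO CSV > info.csv` and pass the file contents to `parse_systeminfo_csv`.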
9️⃣ Environment Variables
🔹 Linux vs Windows Syntax
| OS | Syntax |
|---|---|
| Linux | $USER |
| Windows | %USERNAME% |
❌ Wrong:
echo $username
✔️ Correct:
echo %username%
Output
F C
🔹 View All Variables
set
🔹 Custom Variable Example
set samina="sajjad"
echo %samina%
📌 The quotes are stored as part of the value, so this prints "sajjad" with the quotes included
📌 Variables set like this:
- Are temporary
- Reset after closing CMD
🔟 External System Tools (Sysinternals)
🔹 Why Needed?
Some commands like psinfo:
- ❌ Not built-in
- ✔️ Must be downloaded
🔹 Sysinternals Suite
- Official Microsoft tools
- Used for:
  - System enumeration
  - Process analysis
  - Memory inspection
📥 Download:
https://learn.microsoft.com/en-us/sysinternals/downloads
🔹 Example: psinfo
Shows:
- Uptime
- Kernel version
- CPU info
- RAM
- Video driver
✔️ Useful for post-exploitation enumeration
1️⃣1️⃣ Key Takeaways (Quick Revision)
- cd → change directory
- cd / → root directory
- dir → list files
- dir /a → show hidden files
- %USERNAME% → Windows variable syntax
- systeminfo → OS & hardware info
- Sysinternals → advanced enumeration tools
- Each Windows user has:
  - Separate profile
  - Separate temp files
  - Separate AppData