Once you got the meterpreter session use ‘shell‘command to get command prompt of the target.
Now type wmic /? Displays help
wmic cpu list full - get Name, Caption, MaxClockSpeed, DeviceID, and etc status
wmic memory chip – to get get BankLabel, Capacity, Caption, CreationClassName, DataWidth, Description, Devicelocator, FormFactor, HotSwappable, InstallDate etc.
wmic process list full – to get Caption, CommandLine, Handle, HandleCount, PageFaults, PageFileUsage, PArentProcessId, ProcessId, ThreadCount
wmic startup – to get Caption, Location, Command
wmic bios – get name, version, serial number
wmic bootconfig - get BootDirectory, Caption, TempDirectory, Lastdrive
wmic startup - get Caption, Location, Command
wmic useraccount - get Account Type, Description, Domain, Disabled, Local Account, Lockout, Password Changeable, Password Expires, Password Required, SID
wmic sysdriver - get Caption, Name, PathName, ServiceType, State, Status
wmic share - get name, path, status
baseboard | get Manufacturer, Model, Name, PartNumber, slotlayout, serialnumber, poweredon |
cdrom | get Name, Drive, Volumename |
computersystem | get Name, domain, Manufacturer, Model, NumberofProcessors, PrimaryOwnerName,Username, Roles, totalphysicalmemory /format:list |
datafile | where name='c:\\boot.ini' get Archive, FileSize, FileType, InstallDate, Readable, Writeable, System, Version |
dcomapp | get Name, AppID /format:list |
desktop | get Name, ScreenSaverExecutable, ScreenSaverActive, Wallpaper /format:list |
desktopmonitor | get screenheight, screenwidth |
diskdrive | get Name, Manufacturer, Model, InterfaceType, MediaLoaded, MediaType |
diskquota | get User, Warninglimit, DiskSpaceUsed, QuotaVolume |
environment | get Description, VariableValue |
fsdir | where name='c:\\windows' get Archive, CreationDate, LastModified, Readable, Writeable, System, Hidden, Status |
group | get Caption, InstallDate, LocalAccount, Domain, SID, Status |
idecontroller | get Name, Manufacturer, DeviceID, Status |
irq | get Name, Status |
job | get Name, Owner, DaysOfMonth, DaysOfWeek, ElapsedTime, JobStatus, StartTime, Status |
loadorder | get Name, DriverEnabled, GroupOrder, Status |
logicaldisk | get Name, Compressed, Description, DriveType, FileSystem, FreeSpace, SupportsDiskQuotas, VolumeDirty, VolumeName |
memcache | get Name, BlockSize, Purpose, MaxCacheSize, Status |
memlogical | get AvailableVirtualMemory, TotalPageFileSpace, TotalPhysicalMemory, TotalVirtualMemory |
memphysical | get Manufacturer, Model, SerialNumber, MaxCapacity, MemoryDevices |
netclient | get Caption, Name, Manufacturer, Status |
netlogin | get Name, Fullname, ScriptPath, Profile, UserID, NumberOfLogons, PasswordAge, LogonServer, HomeDirectory, PrimaryGroupID |
netprotocol | get Caption, Description, GuaranteesSequencing, SupportsBroadcasting, SupportsEncryption, Status |
netuse | get Caption, DisplayType, LocalName, Name, ProviderName, Status |
nic | get AdapterType, AutoSense, Name, Installed, MACAddress, PNPDeviceID,PowerManagementSupported, Speed, StatusInfo |
nicconfig | get MACAddress, DefaultIPGateway, IPAddress, IPSubnet, DNSHostName, DNSDomain |
ntdomain | get Caption, ClientSiteName, DomainControllerAddress, DomainControllerName, Roles, Status |
ntevent | where (LogFile='system' and SourceName='W32Time') get Message, TimeGenerated |
onboarddevice | get Description, DeviceType, Enabled, Status |
os | get Version, Caption, CountryCode, CSName, Description, InstallDate, SerialNumber, ServicePackMajorVersion, WindowsDirectory /format:list |
pagefile | get Caption, CurrentUsage, Status, TempPageFile |
pagefileset | get Name, InitialSize, MaximumSize |
partition | get Caption, Size, PrimaryPartition, Status, Type |
printer | get DeviceID, DriverName, Hidden, Name, PortName, PowerManagementSupported, PrintJobDataType, VerticalResolution, Horizontalresolution |
printjob | get Description, Document, ElapsedTime, HostPrintQueue, JobID, JobStatus, Name, Notify, Owner, TimeSubmitted, TotalPages |
product | get Description, InstallDate, Name, Vendor, Version |
qfe | get description, FixComments, HotFixID, InstalledBy, InstalledOn, ServicePackInEffect |
quotasetting | get Caption, DefaultLimit, Description, DefaultWarningLimit, SettingID, State |
recoveros | get AutoReboot, DebugFilePath, WriteDebugInfo, WriteToSystemLog |
Registry | get CurrentSize, MaximumSize, ProposedSize, Status |
scsicontroller | get Caption, DeviceID, Manufacturer, PNPDeviceID |
server | get ErrorsAccessPermissions, ErrorsGrantedAccess, ErrorsLogon, ErrorsSystem, FilesOpen, FileDirectorySearches |
service | get Name, Caption, State, ServiceType, StartMode, pathname |
sounddev | get Caption, DeviceID, PNPDeviceID, Manufacturer, status |
sysaccount | get Caption, Domain, Name, SID, SIDType, Status |
systemenclosure | get Caption, Height, Depth, Manufacturer, Model, SMBIOSAssetTag, AudibleAlarm, SecurityStatus, SecurityBreach, PoweredOn, NumberOfPowerCords |
systemslot | get Number, SlotDesignation, Status, SupportsHotPlug, Version, CurrentUsage, ConnectorPinout |
tapedrive | get Name, Capabilities, Compression, Description, MediaType, NeedsCleaning, Status, StatusInfo |
timezone | get Caption, Bias, DaylightBias, DaylightName, StandardName |