Users

The command prompt and powershell of a Windows system can be used to list, manage and manipulate the users of a system. Here are some of the commands that can be used for enumeration and manipulation of a system,

Shell's Context

The username the shell is running as can be viewed using the following command,

whoami
whoami /groups #Groups that the user is part of

List Users and Groups

The users and groups within a domain can be listed by adding the domain to the end of the command "/<domain>"

net user
net groups
#Powershell
Get-LocalUser
Get-LocalGroup

Details about a User - password profile, groups, etc.

net user alice /<domain>
#Powershell
Get-LocalGroupMember <group name>
Get-LocalGroupMember Administrators

List of users and their attributes

https://github.com/SisyphusP42/vapt/blob/main/Windows_Users%26Attributes

List of Logged in Users

Powerview script from github to list logged in users.

Import-Module .\PowerView.ps1
Get-NetLoggedon -ComputerName p42176 #for locally logged in users
Get-NetSession -ComputerName p42 #for domain logged in users

Add new User

net user alice password123$ /add

Add User to Group

net localgroup administrators alice /add #There usually is a default administrator group
net localgroup "Remote Desktop Users" alice /add #This will allow an user to login through RDP

PreviousEnumeration NextPowershell History

Last updated 2 years ago