TryHackMe: Intro to Windows

A little history:

Windows history:

Windows versions:

  1. Windows 1
  2. Windows 2
  3. Windows 2.x
  4. Windows 3.x
  5. Windows 95
  6. Windows 98
  7. Windows NT
  8. Windows XP
  9. Windows Vista
  10. Windows 7
  11. Windows 8.x
  12. Windows 10

Windows server versions:

  1. Windows Server 2003
  2. Windows Server 2008
  3. Windows Server 2012 / 2012 R2
  4. Windows Server 2016
  5. Windows Server 2019

Windows file system and permissions explained:

What is the file system?

Windows file system structure is:

  • Logical drives (Ex: Local Disk C)
  • Folders (these are the folders that come by default. Ex: Documents, Downloads, Music)
  • Files
  • PerfLogs
  • Program Files
  • Program Files (x86)
  • Users
  • Windows
  1. PerfLogs: Stores system issues and other reports regarding performance
  2. Program Files and Program Files (x86): The location where programs are installed unless you change their path (Ex: choosing to install software on the D drive)
  3. Users: The users that have been created are stored in this folder. It also stores user-generated data (Ex: saving a file on your Desktop)
  4. Windows: The folder that contains the code to run the operating system and some utility tools (we'll talk about them later)
  • Users
  • Groups
  • Full control
  • Modify
  • Read & execute
  • List folder contents
  • Read
  • Write
  • Special permissions

Understanding the authentication process:

What is authentication?

Local authentication

  • On-Premise Active Directory (AD)
  • Azure Active Directory (AAD)

Authentication on On-Premise Active Directory

  • NTLM
  • LDAP / LDAPS
  • KERBEROS

NTLM / NTLM 2

LDAP / LDAPS

The procedure is similar to the image below:

KERBEROS

Authentication on Azure Active Directory

  • SAML (Security Assertion Markup Language)
  • OAUTH 2.0
  • OpenID Connect

SAML (Security Assertion Markup Language)

OAUTH 2.0

The OAuth 2.0 spec has four important roles:

  • The authorization server, which is the server that issues the access token.
  • The resource owner, normally your application’s end-user, that grants permission to access the resource server with an access token.
  • The client, which is the application that requests the access token, and then passes it to the resource server.
  • The resource server, which accepts the access token and must verify that it is valid. In this case, this is your application.

OpenID Connect

Utility tools:

Built-in utility tools

  • Computer Management
  • Local Security Policy
  • Disk Cleanup
  • Registry Editor
  • Command-line tools
  • Registry Editor (Regedit)

Computer Management

  • Task Scheduler
  • Event Viewer
  • Shared Folders
  • Local users & computers
  • Performance Monitor
  • Disk Management
  • Services & Applications

Registry Editor

Command-line tools

  • CMD
  • PowerShell
  • Windows Terminal

Registry Editor

  • HKEY_CLASSES_ROOT
  • HKEY_CURRENT_USER
  • HKEY_LOCAL_MACHINE
  • HKEY_USERS
  • HKEY_CURRENT_CONFIG

Types of servers:

What is a server?

Types of servers

  • Domain Controller
  • File server
  • Web server
  • FTP Server
  • Mail Server
  • Database Server
  • Proxy Server
  • Application Server

Users and Groups Management:

Users and Groups Management in Active Directory

  1. Right-clicking a user > Add to a group

Creating your first GPO:

What are Group Policy Objects?

Creating our first GPO


CTF-PLAYER, security analyst, Pentesting, vapt, digital forensics

jagadeesh
