TryHackMe: Intro to Windows

A little history:

Windows history:

Windows versions:

  1. Windows 1
  2. Windows 2
  3. Windows 2.x
  4. Windows 3.x
  5. Windows 95
  6. Windows 98
  7. Windows NT
  8. Windows XP
  9. Windows Vista
  10. Windows 7
  11. Windows 8.x
  12. Windows 10

Windows server versions:

  1. Windows Server 2003
  2. Windows Server 2008
  3. Windows Server 2012 / 2012 R2
  4. Windows Server 2016
  5. Windows Server 2019

Windows file system and permissions explained:

What is the file system?

The Windows file system structure is:

  • Logical drives (Ex: Local Disk C)
  • Folders (these are the folders that come by default. Ex: Documents, Downloads, Music)
  • Files

  • PerfLogs
  • Program Files
  • Program Files (x86)
  • Users
  • Windows

  1. PerfLogs: Stores system issue reports and other performance reports
  2. Program Files and Program Files (x86): The location where programs are installed unless you change the install path (Ex: Choosing to install software on the D drive)
  3. Users: Stores the users created on the system. It also stores user-generated data (Ex: Saving a file on your Desktop)
  4. Windows: The folder that contains the code to run the operating system and some utility tools (we’ll talk about them later)

  • Users
  • Groups

  • Full control
  • Modify
  • Read & execute
  • List folder contents
  • Read
  • Write
  • Special permissions

Understanding the authentication process:

What is authentication?

Local authentication

  • On-Premise Active Directory (AD)
  • Azure Active Directory (AAD)

Authentication on On-Premise Active Directory

  • NTLM
  • LDAP / LDAPS
  • Kerberos

NTLM / NTLM 2

LDAP / LDAPS

The procedure is similar to the image below:

Kerberos

Authentication on Azure Active Directory

  • SAML (Security Assertion Markup Language)
  • OAuth 2.0
  • OpenID Connect

SAML (Security Assertion Markup Language)

OAuth 2.0

The OAuth 2.0 spec has four important roles:

  • The authorization server, which is the server that issues the access token.
  • The resource owner, normally your application’s end-user, that grants permission to access the resource server with an access token.
  • The client, which is the application that requests the access token, and then passes it to the resource server.
  • The resource server, which accepts the access token and must verify that it is valid. In this case, this is your application.
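
The four roles above as a minimal simulation, showing the checks a resource server makes before trusting a token. This is an added example, not part of the original article: OAuth 2.0 does not define the token format, so the HMAC-signed token, the shared key, and all names (`issue_token`, `verify_token`, `client_call`, `files-api`, `demo-client`) are assumptions for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: authorization and resource server share this key

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def sign(body: str) -> str:
    return b64(hmac.new(KEY, body.encode(), hashlib.sha256).digest())

def issue_token(owner_approved, owner, client_id, scope, audience, now, ttl=300):
    """Authorization server: issue a token only after the resource owner consents."""
    if not owner_approved:
        raise PermissionError("resource owner denied the request")
    claims = {"sub": owner, "client_id": client_id, "scope": scope,
              "aud": audience, "exp": now + ttl}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{sign(body)}"

def verify_token(token, audience, required_scope, now):
    """Resource server: return (claims, None) if valid, else (None, reason)."""
    try:
        body, sig = token.split(".")
        # Constant-time comparison; the signature is checked before parsing claims.
        if not hmac.compare_digest(sig, sign(body)):
            return None, "bad signature"
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    except (ValueError, TypeError):
        return None, "malformed token"
    if claims.get("aud") != audience:
        return None, "wrong audience"
    if now >= claims.get("exp", 0):
        return None, "expired"
    if required_scope not in claims.get("scope", "").split():
        return None, "insufficient scope"
    return claims, None

def client_call(token, now):
    """Client: present the token to the (hypothetical) files-api resource server."""
    claims, reason = verify_token(token, "files-api", "files.read", now)
    return f"200 files for {claims['sub']}" if claims else f"401 {reason}"

if __name__ == "__main__":
    token = issue_token(True, "alice", "demo-client", "files.read", "files-api", now=1000)
    print(client_call(token, now=1100))  # token still within its lifetime
    print(client_call(token, now=1300))  # same token presented after expiry
```
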

OpenID Connect

Utility tools:

Built-in utility tools

  • Computer Management
  • Local Security Policy
  • Disk Cleanup
  • Registry Editor
  • Command-line tools
  • Registry Editor (Regedit)

Computer Management

  • Task Scheduler
  • Event Viewer
  • Shared Folders
  • Local users & computers
  • Performance Monitor
  • Disk Management
  • Services & Applications

Registry Editor

Command-line tools

  • CMD
  • PowerShell
  • Windows Terminal

Registry Editor

  • HKEY_CLASSES_ROOT
  • HKEY_CURRENT_USER
  • HKEY_LOCAL_MACHINE
  • HKEY_USERS
  • HKEY_CURRENT_CONFIG

Types of servers:

What is a server?

Types of servers

  • Domain Controller
  • File server
  • Web server
  • FTP Server
  • Mail Server
  • Database Server
  • Proxy Server
  • Application Server

Users and Groups Management:

Users and Groups Management in Active Directory

  1. Right-clicking a user > Add to a group

Creating your first GPO:

What are Group Policy Objects?

Creating our first GPO

CTF-PLAYER, security analyst, Pentesting, vapt, digital forensics

jagadeesh
