# Workstation Mastery - Day 1

## Host OS

Collected with the `msinfo32` command.

### Machine name

MSI

### OS and version

```
Fabricant du système d’exploitation    Microsoft Corporation
Nom du système d’exploitation:         Microsoft Windows 10 Famille
```

### Processor architecture (32-bit, 64-bit, ARM, etc.)

```
Type    PC à base de x64
```

### Processor model

```
Processeur    Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz, 2592 MHz, 6 cœur(s), 12 processeur(s) logique(s)
```

### RAM

```
Manufacturer Banklabel Configuredclockspeed Capacity
------------ --------- -------------------- --------
Samsung      BANK 0    2667                 8589934592
Samsung      BANK 2    2667                 8589934592
```

## Devices

### Brand and model of your processor

```
PS C:\Users\killi> Get-WmiObject Win32_Processor

Caption           : Intel64 Family 6 Model 158 Stepping 10
DeviceID          : CPU0
Manufacturer      : GenuineIntel
MaxClockSpeed     : 2592
Name              : Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
SocketDesignation : U3E1
```

My computer has 12 processors and 6 cores.

Definition of i7-9750H: the name of my processor (Intel(R) Core(TM) i7-8565U) is made up of its brand, Intel(R) Core(TM); the i7 is there to indicate a "type" of processor. The next 4 digits, 8565, are the product's model number, and the U means that it is an ultra powered part.

##### Here is the model of my trackpad:

```
OK         Mouse           Souris HID        HID\VID_...
```

##### The model of my speakers

```
OK         AudioEndpoint   Speakers (Realtek(R) Audio)        SWD\MMDE...
```

##### And the hard drive of my PC

```
PS C:\Users\killi> Get-PhysicalDisk

Number FriendlyName         SerialNumber         MediaType CanPool OperationalStatus HealthStatus Usage       Size
------ ------------         ------------         --------- ------- ----------------- ------------ -----       ----
0      KBG30ZMV512G TOSHIBA 0008_0D04_0096_197D. SSD       False   OK                Healthy      Auto-Select 476.94 GB
```

##### Details of my hard drive:

```
   DiskPath : \\?\scsi#disk&ven_nvme&prod_kbg30zmv512g_tos#5&26dedec4&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

PartitionNumber  DriveLetter Offset        Size      Type
---------------  ----------- ------        ----      ----
1                            1048576       300 MB    System
2                            315621376     128 MB    Reserved
3                C           449839104     457.72 GB Basic
4                            491919507456  900 MB    Recovery
5                            492863225856  17.92 GB  Recovery

   DiskPath : \\?\usbstor#disk&ven_wd&prod_elements_25a1&rev_1018#575833314142384a43534e43&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

PartitionNumber  DriveLetter Offset        Size      Type
---------------  ----------- ------        ----      ----
1                E           1048576       1.82 TB   Basic
```

The files of each partition:

```
   DiskPath : \\?\scsi#disk&ven_nvme&prod_kbg30zmv512g_tos#5&26dedec4&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}

   DiskPath : \\?\usbstor#disk&ven_wd&prod_elements_25a1&rev_1018#575833314142384a43534e43&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
```

System: this partition contains the computer's boot files.

Reserved: this partition contains files essential to the computer.

Basic: this partition contains the computer's OS.

Recovery: this partition contains the recovery files and folders used in case of a problem.

```
PS C:\Users\killi> Get-NetAdapter | fl Name, InterfaceIndex

Name           : Wi-Fi
InterfaceIndex : 24

Name           : VirtualBox Host-Only Network #3
InterfaceIndex : 20

Name           : VMware Network Adapter VMnet8
InterfaceIndex : 19

Name           : VMware Network Adapter VMnet1
InterfaceIndex : 18

Name           : VirtualBox Host-Only Network
InterfaceIndex : 17

Name           : Ethernet 2
InterfaceIndex : 12

Name           : VirtualBox Host-Only Network #2
InterfaceIndex : 11

Name           : Npcap Loopback Adapter
InterfaceIndex : 8
```

Explain the function of each of them:

The Wi-Fi interface gives me access to Wi-Fi.

The Ethernet 2 interface lets me connect with a cable, so that I am plugged directly into the connection.

The VirtualBox Host-Only interfaces are used for the network of our VirtualBox VMs.

The VMware Network Adapter VMnet1 interfaces are used for the network of our VMware VMs.

```
PS C:\Users\killi> netstat -ano

Connexions actives

  Proto  Adresse locale         Adresse distante       État
```

```
PS C:\Users\killi> Get-Process | Where-Object {$_.mainWindowTitle} | Format-Table Id, Name, mainWindowtitle -AutoSize

   Id Name       MainWindowTitle
   -- ----       ---------------
35036 chrome     Processeur Intel® Core™ i7-9750H (12 Mo de cache, jusqu'à 4,50 GHz) Caractéristiques techniques - Google Chrome
19040 Discord    #uii - Discord
27048 msinfo32   Informations système
33180 powershell Windows PowerShell
27776 Spotify    Spotify Premium
```

35036 chrome: Chrome is a web browser that runs on port 35036 over UDP.

19040 Discord: Discord is communication software.

```
PS C:\Users\killi> Get-LocalUser

Name               Enabled Description
----               ------- -----------
Administrateur     False   Compte d’utilisateur d’administration
DefaultAccount     False   Compte utilisateur géré par le système.
Invité             False   Compte d’utilisateur invité
Killian            True
WDAGUtilityAccount False   Compte d’utilisateur géré et utilisé par le système pour les scénarios Windows Defender A...
YNOV01             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV02             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV03             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV04             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV05             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV06             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV07             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV08             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV09             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV10             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV11             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV12             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV13             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV14             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV15             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV16             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV17             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV18             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV19             True    Local user account for execution of R scripts in SQL Server instance YNOV
YNOV20             True    Local user account for execution of R scripts in SQL Server instance YNOV
```

The admin user of the machine is Killian.

```
Name               Enabled Description
----               ------- -----------
Administrateur     False   Compte d’utilisateur d’administration
DefaultAccount     False   Compte utilisateur géré par le système.
Invité             False   Compte d’utilisateur invité
Killian            True
```

```
PS C:\Users\killi> tasklist /v

Nom de l’image            PID      Nom de la sessio Numéro de s Utilisation  État            Nom d’utilisateur                                  Temps proces Titre de la fenêtre
========================= ======== ================ =========== ============ =============== ================================================== ============ ========================================================================
RuntimeBroker.exe 19968 Console 1 18 532 Ko Running MSI\Killian 0:00:00 OleMainThreadWndName
GameBarFT.exe 20136 Console 1 16 192 Ko Running MSI\Killian 0:00:00 OleMainThreadWndName
GameBarFTServer.exe 20252 Console 1 24 752 Ko Running MSI\Killian 0:01:01 OleMainThreadWndName
svchost.exe 16136 Services 0 5 716 Ko Unknown N/A 0:00:00 N/A
WmiPrvSE.exe 20912 Services 0 12 704 Ko Unknown N/A 0:00:01 N/A
WmiPrvSE.exe 21164 Services 0 7 768 Ko Unknown N/A 0:00:00 N/A
svchost.exe 21132 Services 0 7 696 Ko Unknown N/A 0:00:00 N/A
svchost.exe 4936 Services 0 24 276 Ko Unknown N/A 0:00:00 N/A
tasklist.exe 14996 Console 1 9 032 Ko Unknown MSI\Killian 0:00:00 N/A
```

csrss.exe: it manages all the windows and graphical elements of the Windows system.

tasklist.exe: it is an executable file on the hard disk. It contains machine code.

winlogon.exe: it handles Windows logon management, processing the user's logon and logoff in Windows.

IGFXEM.EXE: one of the executables that accompany an Intel graphics card. Only PCs with an Intel graphics card will have this process.

WmiPrvSE.exe: it lets the applications installed on your machine request information about your system.
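A process name alone does not prove that the binary behind it is the Windows one, so the PowerShell below checks, for the system processes described above, the folder they run from and their Authenticode signature. It is an added example, not part of the original report; the expected folders are assumptions based on a default Windows 10 install, and `Test-SystemProcess` is a hypothetical helper name.

```powershell
# Added example (not from the original report).
# Assumption: default Windows 10 folders under %SystemRoot%.
$sys = Join-Path $env:SystemRoot 'System32'
$wow = Join-Path $env:SystemRoot 'SysWOW64'
$expected = @{
    'csrss.exe'    = @($sys)
    'winlogon.exe' = @($sys)
    'tasklist.exe' = @($sys, $wow)
    'WmiPrvSE.exe' = @((Join-Path $sys 'wbem'), (Join-Path $wow 'wbem'))
}

function Test-SystemProcess {
    param([Parameter(Mandatory)] $Process)   # one Win32_Process CIM instance

    $path = $Process.ExecutablePath
    $signature = 'n/a'
    $findings = @()
    if (-not $path) {
        # Protected processes such as csrss.exe hide their path from a non-elevated shell
        $findings += 'path not readable, rerun elevated'
    } else {
        # The comparison is case-insensitive, like Windows paths
        if ($expected[$Process.Name] -notcontains (Split-Path $path -Parent)) {
            $findings += 'unexpected folder'
        }
        $signature = (Get-AuthenticodeSignature -LiteralPath $path).Status
        if ($signature -ne 'Valid') { $findings += "signature is $signature" }
    }
    $verdict = if ($findings.Count) { 'REVIEW: ' + ($findings -join '; ') } else { 'OK' }
    [pscustomobject]@{
        Name = $Process.Name; Id = $Process.ProcessId
        Path = $path; Signature = $signature; Verdict = $verdict
    }
}

# Keep only the processes we have an expectation for, then report on each one
Get-CimInstance Win32_Process |
    Where-Object { $expected.ContainsKey($_.Name) } |
    ForEach-Object { Test-SystemProcess $_ } |
    Sort-Object Name, Id |
    Format-Table -AutoSize
```

A `REVIEW` verdict is a prompt to look closer, not proof of compromise: a non-elevated shell, for instance, cannot read the path of `csrss.exe`.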
#### Scripting

script 1:

```
# Buton Killian
# Written on 17/04/2020
# This script displays the components of my PC

# Query the operating system once and reuse the result
$os = Get-CimInstance Win32_OperatingSystem
# Primary IPv4 address: the address of the interface that has a default gateway
$ip = (Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway } | Select-Object -First 1).IPv4Address.IPAddress
# Installed RAM and free RAM, both in GB (FreePhysicalMemory is reported in KB)
$ramTotal = [math]::Round((Get-CimInstance Win32_PhysicalMemory | Measure-Object -Property Capacity -Sum).Sum / 1GB, 2)
$ramFree = [math]::Round($os.FreePhysicalMemory / 1MB, 2)

Write-Output "Nom de la machine : $env:COMPUTERNAME"
Write-Output "Adress IP principal : $ip"
Write-Output "OS : $env:OS"
Write-Output "Version de l'OS : $($os.Version)"
Write-Output "Uptime : $((Get-Date) - $os.LastBootUpTime)"
# Not implemented: no update check is performed
Write-Output "Is OS up-to-date : "
Write-Output "RAM : $ramTotal GB"
Write-Output "Utilisation : $([math]::Round($ramTotal - $ramFree, 2)) GB"
Write-Output "Espace libre : $ramFree GB"
Write-Output "Espace disque"
Write-Output "Espace disque utilise : "
Get-CimInstance Win32_LogicalDisk | Format-Table DeviceId, @{n = "Size"; e = { [math]::Round($_.Size / 1GB, 2) } }, @{n = "UsedSpace"; e = { [math]::Round(($_.Size - $_.FreeSpace) / 1GB, 2) } }
Write-Output "Espace disque dispo : "
Get-CimInstance Win32_LogicalDisk | Format-Table DeviceId, @{n = "Size"; e = { [math]::Round($_.Size / 1GB, 2) } }, @{n = "FreeSpace"; e = { [math]::Round($_.FreeSpace / 1GB, 2) } }
Write-Output "Liste des Utilisateur : "
Get-LocalUser | Format-Table
# Connectivity check
ping 8.8.8.8
```

script 2:

```
# Buton Killian
# Written on 18/04/2020
# This script waits 15 seconds, locks the session, then shuts down the PC
Start-Sleep -s 15
rundll32.exe user32.dll, LockWorkStation
Stop-Computer
```

#### Software management

A package manager is a tool that automates installing, uninstalling and updating the software installed on a computer system. It also lets us be sure that we actually receive the package we intended to download.

```
PS C:\Users\killi> choco list -li
Chocolatey v0.10.15
chocolatey 0.10.15
chocolatey-core.extension 1.3.5.1
chocolatey-dotnetfx.extension 1.0.1
chocolatey-visualstudio.extension 1.8.1
chocolatey-windowsupdate.extension 1.0.4
6 packages installed.

Active Directory Authentication Library pour SQL Server|14.0.800.90
Adobe Creative Cloud|5.1.0.407
Badlion Client 2.11.3|2.11.3
Blitz 1.8.0|1.8.0
BlueStacks App Player|4.190.0.5002
Browser pour SQL Server 2016|13.1.4001.0
Discord|0.0.306
Enregistreur VSS Microsoft pour SQL Server 2016|13.1.4001.0
Epic Games Launcher|1.1.220.0
f.lux|
Fichiers de support d installation de Microsoft SQL Server 2008|10.3.5500.0
GIMP 2.10.12|2.10.12
Git version 2.23.0.windows.1|2.23.0.windows.1
GitHub Desktop|2.2.4
GNS3|2.2.5
Google Chrome|81.0.4044.129
Intel(R) Computing Improvement Program|2.4.05718
Intel(R) Processor Graphics|26.20.100.8141
Intel(R) Rapid Storage Technology|16.8.2.1002
Intel® Driver & Support Assistant|20.4.17.5
Intel® OptaneT Pinning Explorer Extensions|16.8.2.1002
Intel® PROSet/Wireless Software|20.80.0.0u
IntelliJ IDEA 2019.2.4|192.7142.36
Java 8 Update 251 (64-bit)|8.0.2510.8
League of Legends|
Legends of Runeterra|
Microsoft Office 365 ProPlus - fr-fr|16.0.12527.20442
Microsoft OneDrive|19.232.1124.0012
Microsoft SQL Server 2012 Native Client |11.3.6518.0
Microsoft SQL Server 2016 (64-bit)|
Microsoft SQL Server 2016 Setup (English)|13.1.4259.0
Microsoft SQL Server 2016 T-SQL Language Service |13.0.14500.10
Microsoft SQL Server 2017 RC1|
Microsoft SQL Server Data-Tier Application Framework (x86) - fr-FR|14.0.3757.2
Microsoft SQL Server Management Studio - 17.2|14.0.17177.0
Microsoft SQL Server 2014 Management Objects |12.0.2000.8
Microsoft SQL Server 2016 T-SQL ScriptDom|13.1.4001.0
Microsoft System CLR Types pour SQL Server 2017 RC1|14.0.800.90
Microsoft System CLR Types pour SQL Server 2014|12.0.2402.11
Microsoft Teams|1.3.00.8663
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148|9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161|9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148|9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161|9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219|10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219|10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030|11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030|11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005|12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660|12.0.40660.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005|12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005|12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660|12.0.40660.0
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127|14.24.28127.4
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820|14.23.27820.0
Microsoft Visual Studio Code (User)|1.44.2
Microsoft Visual Studio Installer|1.18.1104.625
Minecraft Launcher|1.0.0.0
Module linguistique Microsoft Help Viewer 2.2 - FRA|2.2.23107
Mozilla Firefox 75.0 (x64 fr)|75.0
Mozilla Maintenance Service|69.0.2
Nmap 7.80|7.80
Node.js|12.16.1
Npcap 0.9983|0.9983
NVIDIA GeForce Experience 3.20.3.63|3.20.3.63
NVIDIA Logiciel système PhysX 9.19.0218|9.19.0218
NVIDIA Pilote graphique 445.87|445.87
Oracle VM VirtualBox 6.1.4|6.1.4
Overwolf|0.142.0.22
Prise en charge linguistique de Microsoft Visual Studio Tools for Applications 2015|14.0.23107.20
Python 3.7.6 (64-bit)|3.7.6150.0
Python Launcher|3.7.6925.0
Service de langage T-SQL Microsoft SQL Server 2017 RC1|14.0.17177.0
Stratégies Microsoft SQL Server 2017 RC1|14.0.800.90
Teams Machine-Wide Installer|1.2.0.17057
TFTactics|0.3.8
TortoiseSVN 1.13.1.28686 (64 bit)|1.13.28686
VMware VIX|1.15.0.00000
Wampserver64 3.1.9|3.1.9
Windows SDK AddOn|10.1.0.0
Windows Software Development Kit - Windows 10.0.17763.132|10.1.17763.132
WinRAR 5.70 (32-bit)|5.70.0
Wireshark 3.0.6 64-bit|3.0.6
XAMPP|7.4.5-0
83 applications not managed with Chocolatey.
```

### Certificate

The main piece of information carried by the certificate is the public key. The other pieces of information that matter for security are the digital signatures.

### File sharing

![](https://i.imgur.com/ifYpVlK.png)

### Encryption

An electronic certificate works with a public key and can be seen as a digital identity card. It is mainly used to identify and authenticate a natural or legal person, but also to encrypt exchanges.

Mail encryption: we start by generating the keys for the client and the recipient

```
ssh-keygen -t rsa
```

Then, using SignTool.exe, I digitally signed my mails and sent them using Gmail S/MIME.

### TLS

HTTP is a connection where the data is not encrypted; HTTPS is a connection where the data is encrypted. In addition to encrypting the data transmitted between a server and your browser, the TLS protocol also authenticates the server you connect to and protects the transmitted data against any tampering. The SSL layer contained in HTTPS secures the data in transit. The security benefits mentioned above, namely server authentication, encryption of the data exchanged and its protection against tampering, are the obvious and main benefits of the HTTPS protocol.

### ssh jumping

```
Host jump
    User <jump-user>
    HostName <jump-host>

Host protected
    User <protected-user>
    HostName <protected-host>
    ProxyJump jump
```

### Port forwarding at home

```
[Killian@pc-554 ~]$ ping -c 2 192.168.1.23
PING 192.168.1.23 (192.168.1.23) 56(84) bytes of data.
64 bytes from 192.168.1.23: icmp_seq=1 ttl=64 time=0.358 ms
64 bytes from 192.168.1.23: icmp_seq=2 ttl=64 time=0.516 ms
64 bytes from 192.168.1.23: icmp_seq=3 ttl=64 time=0.456 ms

--- 192.168.1.23 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.358/0.437/0.516/0.079 ms
```
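For the Certificate and TLS sections above: the PowerShell below reads the fields those sections name (public key, signature, issuer) from certificates already in the Windows trust store and builds the chain that TLS server authentication relies on. It is an added example, not part of the original report; `Get-CertificateSummary` is a hypothetical helper name and revocation checking is turned off so the example stays offline.

```powershell
# Added example (not from the original report).
function Get-CertificateSummary {
    param([Parameter(Mandatory)]
          [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate)

    # Public key: the main payload of the certificate
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Certificate)
    $keyBits = if ($rsa) { $rsa.KeySize } else { $null }   # $null for non-RSA keys such as ECDSA

    # Building the chain verifies the issuer's signature on every link up to a trusted root
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $trusted = $chain.Build($Certificate)
    $problems = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    [pscustomobject]@{
        Subject            = $Certificate.Subject
        Issuer             = $Certificate.Issuer
        SelfIssued         = ($Certificate.Subject -eq $Certificate.Issuer)
        PublicKeyAlgorithm = $Certificate.PublicKey.Oid.FriendlyName
        RsaKeyBits         = $keyBits
        SignatureAlgorithm = $Certificate.SignatureAlgorithm.FriendlyName
        NotAfter           = $Certificate.NotAfter
        Expired            = ($Certificate.NotAfter -lt (Get-Date))
        ChainTrusted       = $trusted
        ChainProblems      = $problems
    }
}

# Sample input: the first few root certificates in the local machine store
Get-ChildItem Cert:\LocalMachine\Root |
    Select-Object -First 5 |
    ForEach-Object { Get-CertificateSummary $_ } |
    Format-List
```

An expired root shows `ChainTrusted : False` with `NotTimeValid` in `ChainProblems`, which is the same check a browser applies to a server certificate during the TLS handshake.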