├── readme.md
└── xxSysInfo.bat

/readme.md:
--------------------------------------------------------------------------------
# xxSysInfo

### Description ###
Batch file that collects software and hardware system information without admin permissions. Useful for information gathering and reconnaissance. Generates a file smaller than 1 MB using wmic and other core Windows utilities.

### Usage ###
Specify the log file location with the -l parameter:
```cmd
xxSysInfo.bat -l D:\info.txt
```

or use the default one (%cd%\sysInfo.txt):

```cmd
xxSysInfo.bat
```

--------------------------------------------------------------------------------
/xxSysInfo.bat:
--------------------------------------------------------------------------------
@ECHO off

REM Clean and Configure
SET ST=%time%
SETLOCAL EnableDelayedExpansion
TITLE Status: Working...
COLOR 0a
CLS
chcp 65001>nul

REM Heading
ECHO ==========================
ECHO === xxSysInfo v1.0
ECHO ==========================
ECHO = Usage: xxSysInfo.bat -l D:\info.txt
ECHO = Or just: xxSysInfo.bat for default log file.
ECHO ==========================
ECHO.

REM Input parameters
if "%~1"=="-l" (GOTO SPECIFIC) ELSE (GOTO UNKNOWN)
:SPECIFIC
SET "logfile=%~2"
ECHO Using %logfile% as log file.
GOTO CONTINUE
:UNKNOWN
SET "logfile=%cd%\sysInfo.txt"
ECHO Using %logfile% as log file.
GOTO CONTINUE
:CONTINUE

REM Check logfile existence (path is quoted so that spaces in it do not break the test or the redirections below)
if EXIST "%logfile%" (
ECHO Warning: File exists.
ECHO Appending information...
) ELSE (
ECHO File created.
ECHO Appending information...
)

REM Date
ECHO ============= >> "%logfile%"
ECHO === Log created at: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Date and time: >> "%logfile%"
ECHO %date%-%time% >> "%logfile%" 2>&1
ECHO Timezone: >> "%logfile%"
wmic Timezone get DaylightName,Description,StandardName |more >> "%logfile%" 2>&1

REM Basic Information
ECHO ============= >> "%logfile%"
ECHO === Basic Information: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Output of whoami: >> "%logfile%"
whoami >> "%logfile%" 2>&1
ECHO Output of %^%username%^%: >> "%logfile%"
ECHO %username% >> "%logfile%" 2>&1
ECHO Output of %^%computername%^%: >> "%logfile%"
ECHO %computername% >> "%logfile%" 2>&1

REM Net Users
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Net Users: >> "%logfile%"
ECHO ============= >> "%logfile%"
net users >> "%logfile%" 2>&1

REM Environment Variables
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Environment Variables: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Output of SET: >> "%logfile%"
set >> "%logfile%" 2>&1
ECHO Output of %^%cmdextversion%^%: >> "%logfile%"
echo %cmdextversion% >> "%logfile%" 2>&1
ECHO Output of %^%cmdcmdline%^%: >> "%logfile%"
echo %cmdcmdline% >> "%logfile%" 2>&1
ECHO Output of %^%errorlevel%^%: >> "%logfile%"
echo %errorlevel% >> "%logfile%" 2>&1

REM Full Systeminfo
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Full Systeminfo: >> "%logfile%"
ECHO ============= >> "%logfile%"
systeminfo >> "%logfile%" 2>&1

REM IPConfig
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === IPConfig: >> "%logfile%"
ECHO ============= >> "%logfile%"
ipconfig /all >> "%logfile%" 2>&1

REM Routes
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Routes: >> "%logfile%"
ECHO ============= >> "%logfile%"
route print >> "%logfile%" 2>&1

REM ARP
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === ARP: >> "%logfile%"
ECHO ============= >> "%logfile%"
arp -A >> "%logfile%" 2>&1

REM Netstat
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Netstat: >> "%logfile%"
ECHO ============= >> "%logfile%"
netstat -ano >> "%logfile%" 2>&1

REM Firewall State
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Firewall State: >> "%logfile%"
ECHO ============= >> "%logfile%"
netsh firewall show state >> "%logfile%" 2>&1

REM Firewall Config
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Firewall Config: >> "%logfile%"
ECHO ============= >> "%logfile%"
netsh firewall show config >> "%logfile%" 2>&1

REM Scheduled Tasks
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Scheduled Tasks: >> "%logfile%"
ECHO ============= >> "%logfile%"
schtasks /query /fo LIST /v >> "%logfile%" 2>&1

REM Processes
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Processes: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Tasklist: >> "%logfile%" 2>&1
tasklist /SVC >> "%logfile%" 2>&1
ECHO WMIC: >> "%logfile%" 2>&1
wmic process get CSName,Description,ExecutablePath,ProcessId |more >> "%logfile%" 2>&1

REM Services
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Services: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Net: >> "%logfile%" 2>&1
net start >> "%logfile%" 2>&1
ECHO WMIC: >> "%logfile%" 2>&1
wmic service get Caption,Name,PathName,ServiceType,Started,StartMode,StartName |more >> "%logfile%" 2>&1

REM Driver Information
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Driver Information: >> "%logfile%"
ECHO ============= >> "%logfile%"
DRIVERQUERY >> "%logfile%" 2>&1

REM Windows Updates Information
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Windows Updates Information: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic qfe get Caption,Description,HotFixID,InstalledOn |more >> "%logfile%" 2>&1

REM %path%
ECHO ============= >> "%logfile%"
ECHO === Output of %^%path%^%: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO %path% >> "%logfile%" 2>&1

REM Useraccount SID
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Useraccount SID: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic useraccount where name='%username%' get sid |more >> "%logfile%" 2>&1

REM IE Version
ECHO ============= >> "%logfile%"
ECHO === IE versions: >> "%logfile%"
ECHO ============= >> "%logfile%"
%windir%\system32\reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v svcVersion >NUL 2>NUL
if not ErrorLevel 1 (
FOR /f "usebackq tokens=3" %%i in (`%windir%\system32\reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v svcVersion ^| %windir%\system32\findstr /i /l /c:"REG_SZ"`) do SET _IEVersion=%%i
) else (
REM svcVersion KEY NOT Found. Must be IE9 or earlier so use Version Key
FOR /f "usebackq tokens=3" %%i in (`%windir%\system32\reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v Version ^| %windir%\system32\findstr /i /l /c:"REG_SZ"`) do SET _IEVersion=%%i
)
REM Get IE major version
FOR /f "tokens=1 Delims=." %%i in ("%_IEVERSION%") do SET _IEMajorVersion=%%i
ECHO Major: %_IEMajorVersion% ^| Minor: %_IEVersion% >> "%logfile%" 2>&1

REM Service Pack Information
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Service Pack Information: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic os get ServicePackMajorVersion /value |more >> "%logfile%" 2>&1

REM Drives
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Drives: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO System Drive: >> "%logfile%" 2>&1
ECHO %systemdrive% >> "%logfile%" 2>&1
ECHO All drives: >> "%logfile%" 2>&1
fsutil fsinfo drives >> "%logfile%" 2>&1
ECHO System drive type: >> "%logfile%" 2>&1
fsutil fsinfo driveType %systemdrive% >> "%logfile%" 2>&1
ECHO WMIC: >> "%logfile%" 2>&1
wmic volume get Label,DeviceID,DriveLetter,FileSystem,Capacity,FreeSpace |more >> "%logfile%" 2>&1

REM CPU
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === CPU: >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO Architecture: >> "%logfile%" 2>&1
ECHO %processor_architecture% >> "%logfile%" 2>&1
ECHO WMIC: >> "%logfile%" 2>&1
wmic CPU get Description, DeviceID, Manufacturer, MaxClockSpeed, Name, Status, SystemName |more >> "%logfile%" 2>&1

REM Network Shares
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Network Shares: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic netuse list |more >> "%logfile%" 2>&1

REM Full Group List
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Full Group List: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic group list full |more >> "%logfile%" 2>&1

REM Full Useraccounts List
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Full Useraccounts List: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic USERACCOUNT list full |more >> "%logfile%" 2>&1

REM Products
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Products: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic PRODUCT get Description,InstallDate,InstallLocation,PackageCache,Vendor,Version |more >> "%logfile%" 2>&1

REM Startup
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === Startup: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic startup get Caption,Command,Location,User |more >> "%logfile%" 2>&1

REM OS
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === OS: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic os get name,version,InstallDate,LastBootUpTime,LocalDateTime,Manufacturer,RegisteredUser,ServicePackMajorVersion,SystemDirectory |more >> "%logfile%" 2>&1

REM NIC
ECHO. >> "%logfile%"
ECHO ============= >> "%logfile%"
ECHO === NIC: >> "%logfile%"
ECHO ============= >> "%logfile%"
wmic nicconfig where IPEnabled='true' get Caption,DefaultIPGateway,Description,DHCPEnabled,DHCPServer,IPAddress,IPSubnet,MACAddress |more >> "%logfile%" 2>&1

REM Nice ending
TITLE Status: Done.
REM Start, end time difference and adjustments
REM Split on ":", ".", "," and space so the fraction and a leading space are dropped;
REM 100%%x %% 100 keeps values such as 08 and 09 from being parsed as invalid octal.
FOR /f "tokens=1-3 delims=:., " %%a in ("%ST%") do SET /a h1=100%%a %% 100 & SET /a m1=100%%b %% 100 & SET /a s1=100%%c %% 100
FOR /f "tokens=1-3 delims=:., " %%a in ("%TIME%") do SET /a h2=100%%a %% 100 & SET /a m2=100%%b %% 100 & SET /a s2=100%%c %% 100
SET /a h3=%h2%-%h1% & SET /a m3=%m2%-%m1% & SET /a s3=%s2%-%s1%
REM Borrow from the smallest unit upwards: seconds, then minutes, then hours
if %s3% LSS 0 SET /a s3=%s3%+60 & SET /a m3=%m3%-1
if %m3% LSS 0 SET /a m3=%m3%+60 & SET /a h3=%h3%-1
if %h3% LSS 0 SET /a h3=%h3%+24
REM Calculate log size
FOR %%I in ("%logfile%") do SET /a xbytesize=%%~zI
SET /a xmbsize=%xbytesize%/1024/1024
ECHO Generated %xbytesize% bytes (~%xmbsize% mb) log file in %h3%:%m3%:%s3% seconds.
ECHO.
ECHO =============
ECHO Done!
ECHO =============
ECHO.
ECHO Press any key to exit...
PAUSE>nul
EXIT

--------------------------------------------------------------------------------
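
The readme describes the script as useful for information gathering and reconnaissance; seen from the monitoring side, a run of it is a burst of built-in discovery utilities started by one cmd.exe. The following is an added detection example, not part of the repository, that flags such bursts in process-creation events (for instance Sysmon Event ID 1 or Security 4688). The event tuple layout, the five-minute window and the threshold of six tools are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Executables launched by xxSysInfo.bat (names taken from the script above).
DISCOVERY = {"whoami.exe", "net.exe", "systeminfo.exe", "ipconfig.exe", "route.exe",
             "arp.exe", "netstat.exe", "netsh.exe", "schtasks.exe", "tasklist.exe",
             "wmic.exe", "driverquery.exe", "reg.exe", "fsutil.exe"}

def find_bursts(events, window=timedelta(minutes=5), threshold=6):
    """Flag each (host, parent PID) that started >= threshold distinct
    discovery tools inside one sliding window; returns the tools seen."""
    by_parent = defaultdict(list)
    for ts, host, ppid, image in events:
        name = image.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if name in DISCOVERY:
            by_parent[(host, ppid)].append((datetime.fromisoformat(ts), name))
    hits = []
    for (host, ppid), rows in sorted(by_parent.items()):
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Shrink the window from the left until it spans <= `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            tools = {n for _, n in rows[start:end + 1]}
            if len(tools) >= threshold:
                hits.append((host, ppid, sorted(tools)))
                break  # one alert per parent process
    return hits

# Constructed sample events: (timestamp, host, parent PID, image path).
SYS32 = "C:\\Windows\\System32\\"
SAMPLE = [
    ("2024-05-01T10:00:01", "WS01", 4120, SYS32 + "whoami.exe"),
    ("2024-05-01T10:00:02", "WS01", 4120, SYS32 + "net.exe"),
    ("2024-05-01T10:00:03", "WS01", 4120, SYS32 + "systeminfo.exe"),
    ("2024-05-01T10:00:09", "WS01", 4120, SYS32 + "ipconfig.exe"),
    ("2024-05-01T10:00:10", "WS01", 4120, SYS32 + "ROUTE.EXE"),
    ("2024-05-01T10:00:11", "WS01", 4120, SYS32 + "ARP.EXE"),
    ("2024-05-01T10:00:12", "WS01", 4120, SYS32 + "NETSTAT.EXE"),
    # An administrator checking two things hours apart: below threshold.
    ("2024-05-01T09:00:00", "WS02", 900, SYS32 + "ipconfig.exe"),
    ("2024-05-01T13:00:00", "WS02", 900, SYS32 + "whoami.exe"),
]

if __name__ == "__main__":
    for host, ppid, tools in find_bursts(SAMPLE):
        print(f"{host} parent={ppid} discovery burst: {', '.join(tools)}")
```

Counting distinct tools per parent process, rather than total command count, keeps a loop that runs one utility repeatedly from triggering the rule.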