General Information
Posted: Fri Jul 25, 2025 11:41 am
Run Executable as SYSTEM
A picture is worth a thousand words.
A picture is worth a thousand words.
cmd /k whoami /all /fo list
USER INFORMATION
----------------
User Name: nt authority\system
SID: S-1-5-18
GROUP INFORMATION
-----------------
Group Name: Mandatory Label\System Mandatory Level
Type: Label
SID: S-1-16-16384
Attributes:
Group Name: Everyone
Type: Well-known group
SID: S-1-1-0
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: BUILTIN\Users
Type: Alias
SID: S-1-5-32-545
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: NT AUTHORITY\SERVICE
Type: Well-known group
SID: S-1-5-6
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: CONSOLE LOGON
Type: Well-known group
SID: S-1-2-1
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: NT AUTHORITY\Authenticated Users
Type: Well-known group
SID: S-1-5-11
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: NT AUTHORITY\This Organization
Type: Well-known group
SID: S-1-5-15
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: NT SERVICE\TrustedInstaller
Type: Well-known group
SID: S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464
Attributes: Enabled by default, Group owner
Group Name: LOCAL
Type: Well-known group
SID: S-1-2-0
Attributes: Mandatory group, Enabled by default, Enabled group
Group Name: BUILTIN\Administrators
Type: Alias
SID: S-1-5-32-544
Attributes: Enabled by default, Enabled group, Group owner
PRIVILEGES INFORMATION
----------------------
Privilege Name: SeAssignPrimaryTokenPrivilege
Description: Replace a process level token
State: Enabled
Privilege Name: SeLockMemoryPrivilege
Description: Lock pages in memory
State: Enabled
Privilege Name: SeIncreaseQuotaPrivilege
Description: Adjust memory quotas for a process
State: Enabled
Privilege Name: SeTcbPrivilege
Description: Act as part of the operating system
State: Enabled
Privilege Name: SeSecurityPrivilege
Description: Manage auditing and security log
State: Enabled
Privilege Name: SeTakeOwnershipPrivilege
Description: Take ownership of files or other objects
State: Enabled
Privilege Name: SeLoadDriverPrivilege
Description: Load and unload device drivers
State: Enabled
Privilege Name: SeSystemProfilePrivilege
Description: Profile system performance
State: Enabled
Privilege Name: SeSystemtimePrivilege
Description: Change the system time
State: Enabled
Privilege Name: SeProfileSingleProcessPrivilege
Description: Profile single process
State: Enabled
Privilege Name: SeIncreaseBasePriorityPrivilege
Description: Increase scheduling priority
State: Enabled
Privilege Name: SeCreatePagefilePrivilege
Description: Create a pagefile
State: Enabled
Privilege Name: SeCreatePermanentPrivilege
Description: Create permanent shared objects
State: Enabled
Privilege Name: SeBackupPrivilege
Description: Back up files and directories
State: Enabled
Privilege Name: SeRestorePrivilege
Description: Restore files and directories
State: Enabled
Privilege Name: SeShutdownPrivilege
Description: Shut down the system
State: Enabled
Privilege Name: SeDebugPrivilege
Description: Debug programs
State: Enabled
Privilege Name: SeAuditPrivilege
Description: Generate security audits
State: Enabled
Privilege Name: SeSystemEnvironmentPrivilege
Description: Modify firmware environment values
State: Enabled
Privilege Name: SeChangeNotifyPrivilege
Description: Bypass traverse checking
State: Enabled
Privilege Name: SeUndockPrivilege
Description: Remove computer from docking station
State: Enabled
Privilege Name: SeManageVolumePrivilege
Description: Perform volume maintenance tasks
State: Enabled
Privilege Name: SeImpersonatePrivilege
Description: Impersonate a client after authentication
State: Enabled
Privilege Name: SeCreateGlobalPrivilege
Description: Create global objects
State: Enabled
Privilege Name: SeIncreaseWorkingSetPrivilege
Description: Increase a process working set
State: Enabled
Privilege Name: SeTimeZonePrivilege
Description: Change the time zone
State: Enabled
Privilege Name: SeCreateSymbolicLinkPrivilege
Description: Create symbolic links
State: Enabled
Privilege Name: SeDelegateSessionUserImpersonatePrivilege
Description: Obtain an impersonation token for another user in the same session
State: Enabled
C:\Windows\System32>