LOGBOOK

HELP

Quiz Entry - updated: 2026.07.01

After a Meterpreter session opens, what does the sysinfo command reveal, and what phase of an attack is this?

sysinfo prints the compromised machine's OS, architecture, hostname, domain, and logged-on user — the reconnaissance step of post-exploitation.

Post-exploitation is everything that happens after you've gained access — the goal shifts from "get in" to "understand, persist, and expand." sysinfo is usually the first move because the answers steer everything next:

  • OS + architecture (x64/x86) → which further exploits and tools will run
  • Domain → is this a standalone box or part of an Active Directory you can pivot through?
  • Logged-on user / privileges → do you already have admin, or must you escalate?

It's the attacker's equivalent of "where am I and what am I working with?"

Tip: Recon doesn't stop at the perimeter — the first thing a smart intruder does inside is look around.

From Quiz: INTROL / Password Cracking | Updated: Jul 01, 2026