Day 012 #FromZeroToHacker – Windows Fundamentals: Part 1

Like Linux, Windows is a whole beast of its own, with different system files, utilities, settings and features: things we need to know to understand, exploit and defend Windows.

Let’s start with the first part of the 3-part #FromZeroToHacker lesson on Windows fundamentals.

Table of contents
Introduction
What I have learnt today?
Stats
Resources

Introduction to Windows Fundamentals

After Linux, one important OS (Operating System) is Windows. Today we are going to learn:

  • How the Windows GUI (the desktop) works
  • The file system it uses and other possible options
  • How to manage accounts with their permissions
  • What UAC (User Account Control) is and how it works
  • Settings and Control Panel
  • Task Manager

What I have learnt today?

Windows Editions

Dating back to 1985, Windows is the dominant OS in both home and corporate networks and, because of this, a big target for hackers and malware writers.

Windows XP was a popular version of Windows and lasted for many many years. After that, Microsoft announced Windows Vista. It was a flop and didn’t last.

When Microsoft announced the end-of-life date for Windows XP, people were concerned: Corporations, hospitals, etc. just jumped to the next Windows version, Windows 7. Vendors had to work day and night to ensure their products worked with this new Windows version.

Windows 7, as quickly as it was released, was marked with an end-of-support date. Windows 8 came after and it fared much like Windows Vista.

Then, Windows 10 arrived with two flavours: Home and Pro. It was a great improvement compared with previous iterations, but on the 5th of October of 2021, Windows 11 came out, not without controversy.

The Desktop (GUI)

The Windows Desktop is the Graphical User Interface, or GUI, that greets you once you log in to a Windows 10 machine:

Windows Desktop

Its components are:

  1. The Desktop
  2. Start Menu
  3. Search Box
  4. Task View
  5. Taskbar
  6. Toolbars
  7. Notification area

The desktop

The desktop is where you will have shortcuts to programs, folders, files, etc. The look and feel can be personalised. Just right-click anywhere on the desktop and a context menu will appear, allowing you to change the sizes of the desktop icons, choose how to sort them, create new folders or files, and more.

Under display settings, you can change the screen’s resolution and orientation and also manage multiple screens.

You can also change the wallpaper by selecting Personalize.

Under Personalize you can change the background image, fonts, themes, color scheme, etc.

The start menu

The start menu, at the bottom left corner, provides access to all the programs, files, utility tools, etc. Clicking on the Windows logo will make the start menu open:

Windows start menu
  1. This section of the start menu provides quick shortcuts to actions, such as making changes to your user, locking your screen, etc. Other shortcuts are your Documents (Document icon), Pictures (Pictures icon), the gear icon, which will take you to the Settings screen, and the Power icon, which will allow you to disconnect from a Remote Desktop session, shut down, or restart the computer.
  2. This section shows all the Recently added programs at the top, and all the installed programs listed in alphabetical order.
  3. The right side of the start menu is where you will find icons for specific programs or utilities. These icons are called tiles. If you right-click any of them, a menu will appear to allow you to perform more actions on the selected tile:
Windows Server tiles
Pin to start

The taskbar

Some of the taskbar components are enabled and visible by default. If you want to disable any of them, right-click the taskbar to bring up a context menu where you can turn them on or off.

The notification area

The notification area is displayed typically at the bottom right of the Windows screen, next to the date and time. Other icons possibly visible in this area are the volume icon, network icon, and more. Icons can be managed from the notification area in taskbar settings.

The file system

The file system used in current versions of Windows is the New Technology File System, or NTFS.

You still see FAT partitions in use, for example, in USB devices, MicroSD cards, etc., but not on personal Windows computers.

NTFS is known as a journaling file system. In case of a failure, the system can automatically repair the folders and files on disk using information stored in a log file, something that FAT can’t do.

NTFS addresses limitations of previous file systems with features such as:

  • Support for files larger than 4 GB
  • Specific permissions on folders and files
  • Folder and file compression
  • Encryption

On NTFS you can set permissions that grant or deny access to files and folders. The permissions are Read, Write, Read and Execute, List folder contents, Read and Write:

Windows NTFS permissions

To view the permissions of a folder, right-click it, select Properties in the menu, go to the Security tab, and in the Group or user names list, select the user or group whose permissions you want to view.
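The same information is available from PowerShell. The script below is an added example, not part of the original lesson: it reads a folder's NTFS access control list with Get-Acl and marks entries that give a broad group a write-type right. The default `$Path` and the `$broad` list of group names are assumptions chosen for illustration.

```powershell
# Added example: read a folder's NTFS ACL and flag broad write access.
# $Path and the $broad list are illustrative assumptions, not values from the lesson.
param([string]$Path = "$env:USERPROFILE\Documents")

# Groups that cover many accounts (English display names; localized systems differ).
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'

# Specific rights that let the holder change, delete or take over content.
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($fsr::WriteData -bor $fsr::AppendData -bor $fsr::Delete -bor
                   $fsr::ChangePermissions -bor $fsr::TakeOwnership)
# Inherit-only entries can carry generic rights instead: GENERIC_WRITE, GENERIC_ALL.
$genericMask = 0x40000000 -bor 0x10000000

$acl = Get-Acl -LiteralPath $Path
"Owner of ${Path}: $($acl.Owner)"

$acl.Access | ForEach-Object {
    $bits     = [int]$_.FileSystemRights
    $canWrite = (($bits -band $writeMask) -ne 0) -or (($bits -band $genericMask) -ne 0)
    [pscustomobject]@{
        Identity  = $_.IdentityReference.Value
        Type      = $_.AccessControlType   # Allow or Deny
        Rights    = $_.FileSystemRights
        Inherited = $_.IsInherited
        # Review = an Allow entry that gives a broad group a write-type right
        Review    = ($_.AccessControlType -eq 'Allow') -and $canWrite -and
                    ($broad -contains $_.IdentityReference.Value)
    }
} | Format-Table -AutoSize
```

Rows with Review set to True are the ones to look at first, since any account in those groups can modify the folder's contents.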

The Windows\System32 folders

The Windows folder (C:\Windows) is where Windows operating system data is stored. This is where environment variables are stored.

Environment variables store information about the operating system environment, for example, operating system path, number of processors, location of temporary files, etc.

Inside C:\Windows, there are many folders; one of them is System32, a folder that holds important files critical for the OS. So you know… don’t mess around with it.

User accounts, profiles, and permissions

User accounts can be one of two types:

  • Administrator: Has free rein over the system, as they can add and delete users, modify groups, etc.
  • Standard user: Can only make changes to folders and files attributed to the user and cannot perform deep changes, such as installing programs.

When a user account is created, a profile is created for the user. The location of each profile falls under C:\Users. For example, a user called Max will have a folder located in C:\Users\Max.

Each user profile will have the same folders: Desktop, Documents, Downloads, Music, and Pictures.

User account control

The large majority of home users are logged into their Windows systems as local administrators.

An average user doesn’t need high privileges on the system for day-to-day tasks, such as surfing the Internet, working on an Excel document, etc. Users with elevated privilege are a liability, as letting (consciously or not) a user make changes to the system is an opportunity for hackers and malware.

To protect local users with privileges, Microsoft introduced User Account Control (UAC).

With UAC, when an admin logs in to the system, they don’t run with elevated permissions. When an operation requires them, the user is prompted to confirm whether to let the system run the operation.

This feature reduces the likelihood of malware being installed.
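To see how accounts and UAC are set up on a machine you administer, the script below (an added example, not part of the original lesson) lists local users, the members of the local Administrators group, whether the current session is elevated, and the UAC policy values stored in the registry. It assumes Windows PowerShell 5.1 or later, where the Get-LocalUser and Get-LocalGroupMember cmdlets are available.

```powershell
# Added example: report local accounts, administrators and the UAC configuration.
# Is the current PowerShell session running with an elevated token?
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)

# Local accounts, then members of BUILTIN\Administrators (well-known SID S-1-5-32-544).
Get-LocalUser | Select-Object Name, Enabled, LastLogon | Format-Table -AutoSize
Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource | Format-Table -AutoSize

# UAC policy values live under this registry key.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $key

# Meaning of ConsentPromptBehaviorAdmin (how administrators are prompted).
$promptMeaning = @{
    0 = 'Elevate without prompting'
    1 = 'Prompt for credentials on the secure desktop'
    2 = 'Prompt for consent on the secure desktop'
    3 = 'Prompt for credentials'
    4 = 'Prompt for consent'
    5 = 'Prompt for consent for non-Windows binaries'
}
$prompt = $uac.ConsentPromptBehaviorAdmin
$promptText = if ($null -eq $prompt) { 'Not set' } else { $promptMeaning[[int]$prompt] }

# Settings that weaken the protection described above.
$findings = @()
if ($uac.EnableLUA -ne 1) { $findings += 'UAC is disabled (EnableLUA is not 1)' }
if ($prompt -eq 0)        { $findings += 'Administrators are elevated without a prompt' }
if ($findings.Count -eq 0) { $findings = @('None') }

[pscustomobject]@{
    User            = $identity.Name
    SessionElevated = $elevated
    UacEnabled      = ($uac.EnableLUA -eq 1)
    AdminPrompt     = $promptText
    SecureDesktop   = ($uac.PromptOnSecureDesktop -eq 1)
    Findings        = $findings -join '; '
} | Format-List
```

Running it once in a normal window and once in a window opened with "Run as administrator" shows SessionElevated changing while the Administrators membership stays the same, which is the split UAC creates.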

Settings and the control panel

On a Windows System, the primary locations to make changes are the Settings menu and the Control Panel.

Settings:

Windows Settings

Control panel:

Windows control panel

Control panel is the menu where you will access more complex settings and perform more complex actions. Sometimes you start in Settings and end up in the Control Panel, to make deeper changes.

Task manager

The task manager provides information about the applications and processes currently running on the system (Remember the ps Linux command?). Other information is available, such as how much CPU and RAM are being utilized.

You can access the Task Manager by right-clicking the taskbar and clicking on Task Manager.

Here we can manage tasks (haha!) easily. It is a powerful tool to view how the OS is managing your computer, kill processes, manage services, and more.

The scope of just the Task Manager is so big that it would take us hours to just scratch the surface of this topic. Luckily, people have done that before, and better than I would do it, so I’ll refer you to this extraordinary Task Manager Guide.

Stats

From 212.552th to 203.950th. Almost in the top 10%!

Here is also the Skill Matrix:

Skill matrix

Resources

Path: Pre Security

Windows Fundamentals

TryHackMe: Windows fundamentals part 1

Other resources

Task Manager Guide