Internal Infrastructure Pentest - Extracting Juicy Information from Registry

• reg query “HKCU\Software\ORL\WinVNC3\Password”
• reg query HKEY_LOCAL_MACHINE\SOFTWARE\RealVNC\WinVNC4 /v password
• reg query “HKCU\Software\SimonTatham\PuTTY\Sessions”
• reg query HKLM /f password /t REG_SZ /s
• reg query HKCU /f password /t REG_SZ /s
• reg query “HKLM\SYSTEM\Current\ControlSet\Services\SNMP”
• reg query “HKLM\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogon”
• reg query “HKEY_LOCAL_MACHINE\ SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\ History” /v DCName