# Retrieving Information

#### Retrieving System Information

Get-ComputerInfo

Provides information about the operating system details, hardware information, and more.

```auto
PS C:\Users\Administrator> Get-ComputerInfo

WindowsBuildLabEx                                       : 17763.1.amd64fre.rs5_release.180914-1434
WindowsCurrentVersion                                   : 6.3
WindowsEditionId                                        : ServerStandard
WindowsInstallationType                                 : Server
WindowsInstallDateFromRegistry                          : 3/20/2024 4:48:20 AM
WindowsProductId                                        : 00429-00000-00001-AA815
WindowsProductName                                      : Windows Server 2019 Standard
WindowsRegisteredOrganization                           :
WindowsRegisteredOwner                                  : Windows User
WindowsSystemRoot                                       : C:\Windows
WindowsVersion                                          : 1809
BiosCharacteristics                                     :
BiosBIOSVersion                                         : {BOCHS  - 1}
BiosBuildNumber                                         :
BiosCaption                                             : Default System 
BIOSBiosCodeSet                                         :
BiosCurrentLanguage                                     :
BiosDescription                                         : Default System BIOS
...
```

win32\_OperatingSystem Class

Ideal for replicating the target system and conducting tests.

```auto
PS C:\Users\Administrator> Get-WmiObject -Class win32_OperatingSystem

SystemDirectory : C:\Windows\system32
Organization    :BuildNumber     : 17763
RegisteredUser  : Windows User
SerialNumber    : 00429-00000-00001-AA815
Version         : 10.0.17763
```

Viewing Installed Updates

The Get-Hotfix command is used to display all updates (hotfixes) installed either via Windows Update or manually by users.

```auto
PS C:\Users\Administrator> Get-Hotfix

Source        Description      HotFixID      InstalledBy          InstalledOn
------        -----------      --------      -----------          -----------
SRV2019       Update           KB4464455                          10/29/2018 12:00:00 AM
...
```

Defender

Provides information about Defender services.

```auto
PS C:\Users\Administrator> Get-Service | Where-Object DisplayName -like '*Defender*'

Status   Name               DisplayName
------   ----               -----------
Running  mpssvc             Windows Defender Firewall
Stopped  Sense              Windows Defender Advanced Threat Protection
Running  WdNisSvc           Windows Defender Antivirus Network Inspection Service
Running  WinDefend          Windows Defender Antivirus Service
```

#### Retrieving Information About Files

Searching for Text in Files

To find any text in all files, you can use the following command:

```auto
Get-ChildItem -Recurse *.* | Select-String -Pattern "SEARCH_STR"
```

File Permissions

There is a command to view the Access Control List (ACL). ACL is a list of users or groups with permissions (Read, Write, Delete, etc.) to access a file or folder.

```auto
Get-Acl file.txt
```

File Hashes

You can use this to get the hash of any file for searching, comparison, etc.

```auto
Get-FileHash file.txt
```