C:Program FilesCommon FilesMicrosoft Sharedweb server extensions12TEMPLATELAYOUTS
Determine when Windows was installed
systeminfo | find /i “install date”
MS Network Monitor: Address listing
Its much easier to sniff using Microsoft Network Monitor when you import the addresses you care about in .adr format. Just create a text file, and add each address on a single line, like this:
Then start NetMon and import the addresses.
Sniffing a browser authentication
A 401 response message is used by an web server to challenge the authorization of a user agent connecting anonymously. After receiving a 401 response, a browser will include an Authorization header field with the next request. The Authorization field contains credentials with the authentication information of the user agent for the resource being requested.
I used Wireshark to sniff this request-response stream on an Apache web server (asking for a virtual host called “/manual” protected by Basic authentication), and it looks like this:
|HTTP Request(GET /manual)|
|HTTP 401 Authorization Required response to browser including WWW-Authenticate: Basic header|
(Repeat TCP sequence again, but browser sends proper credentials this time, and gets a 304 Not Modified response)