How to determine the username on a windows command shell
Solution 1
If you're doing this as part of a pentesting lab, you can use Kali's inbuilt whoami.exe located at
/usr/share/windows-binaries/whoami.exe
Just copy it over and run on the Win XP machine.
Solution 2
You're not missing anything. Perhaps you're running it in powershell? If you're not getting the correct value returned from cmd, that's something you'll have to investigate further.
When in a Windows command prompt (cmd not PowerShell), enter:
echo %username%
When in PowerShell, enter:
# Returns computername/username
whoami
# Returns username
echo $env:username
# Returns table containing computer/usernem
Get-WMIObject -class Win32_ComputerSystem | select username
Solution 3
maybe you are missing the USERNAME environment variable for some reason. Run the set command and it will list the environment variables and their values. My XP has USERNAME and I didn't add it, so XP has it.. it's strange yours doesn't. But run set and see what you have
A bunch of environment variables have the user
TEMP=C:\DOCUME~1\User\LOCALS~1\Temp
TMP=C:\DOCUME~1\User\LOCALS~1\Temp
USERNAME=user
USERPROFILE=C:\Documents and Settings\user
Added
In an example similar to the one you are in.. Here I have logged into the machine remotely, it runs bvsshserver (bitvise ssh server aka winsshd) (which when logged into even from cygwin client, will give a windows command line) though openssh server via cygwin gives bash.. You can use the openssh client in cygwin to log into bitvise sshd and get a windows command line
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\WINSSH~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\WINSSH~1\LOCALS~1\Temp
USERNAME=WinSSHD_VirtualUsers
USERPROFILE=C:\Documents and Settings\WinSSHD_VirtualUsers
VIRTGROUP=Virtual Users
VIRTUSER=user
windir=C:\WINDOWS
C:\>whoami
WinSSHD_VirtualUsers
C:\>
In this case "VIRTUSER" has the username, though different to the one shown by whoami.
What SSH server(or remote logging in program server) does your XP machine run?
Related videos on Youtube
countermode
Security professional - IPv6 enthusiast - Linux geek - Privacy advocator - ISO 27001 auditor - Chess player
Updated on September 18, 2022Comments
-
countermode over 1 year
There are various suggestions on how to determine the current username on a windows command shell without using
whoami
, such as this question or this question. The generic answer seems to beecho %username%
. However, when I do this (on Windows XP), the shell answers with%username%
. Am I missing something?-
cliff2310 almost 9 yearsIt works in Windows7.
-
barlop almost 9 years@cliff2310 you say it works on 7 but can you not see he tagged this XP and is asking about XP (That said, it should work on XP too)
-
AFH almost 9 yearsIt works fine on my XP system. Your observation will happen only if
username
is either not set, or set to the literal string%username%
. To find out which, typeset username
. Both are unlikely, but my best guess is that you have run a batch file which usesusername
as a work variable and clears it on exit, so search your batch files for the stringusername
(case insensitive search). -
DavidPostill almost 9 years"As I said, it's a pentesting lab with deliberately broken machines." -- voting to close as off topic
-
countermode almost 9 years"deliberately broken" is to be understood in the sense of badly maintained, not in the sense of artificially misconfigured machines that would never be seen in the wild.
-
-
countermode almost 9 yearsWell, this popped up in a pentesting lab. I got a shell on this XP machine and I wondered who I am (i.e. whose privileges I have).
set
is a nice suggestion, although it didn't tell a lot in the particular situation. -
barlop almost 9 years@countermode what is the server? I guess it can depend on that
-
countermode almost 9 yearsIt's a Win XP, apparently no service packs installed.
username
is not set andwhoami
is not installed. -
barlop almost 9 years@countermode it can't be the no service packs.. 'cos are you're telling me he has no
%TEMP%
either? i'd be surprised if win xp pre sp1 was so limited! how many users are there! maybe look in c:\documents and settings see how many folders ther are. If the machine has so many things removed maybe it only has one user profile there! (that said.. no doubt i have no winsshd virtual user listed in my documents and settings). -
countermode almost 9 yearsAs I said, it's a pentesting lab with deliberately broken machines. Wait...
%TEMP%
is set.