LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

1 year ago 99
BOOK THIS SPACE FOR AD
ARTICLE AD

Set of python scripts which perform different ways of command execution via WMI protocol.

Blog Post

https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/

Usage

wmiexec_scheduledjob.py

Is a python script which authenticates to a remote WMI instance and execute commands via Scheduled Tasks.

To run the script:

python3 wmiexec_scheduledjob.py -i <ip_address> -u <username> -p <password> -c <command>

wmiexec_win32process.py

Is a python script which authenticates to a remote WMI instance and execute commands via Win32_Process.

To run the script:

python3 wmiexec_win32process.py -i <ip_address> -u <username> -p <password> -c <command>

webserver_ssl.py

Is a python script which creates a HTTPS server (with a self-signed SSL certificate). Used to exfiltrate the command's output.

Before running the HTTP server, make sure to generate the certificates by running:

RSA -out server.key openssl req -new -key server.key -out server.csr openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt" dir="auto">

openssl genpkey -algorithm RSA -out server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

If everything is done correctly, the server will be running without any error:

Credits

https://github.com/XiaoliChan/wmiexec-RegOut
https://learn.microsoft.com/en-us/windows/win32/cimwin32prov/win32-scheduledjob

Author

Kleiton Kurti (@kleiton0x00)

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol Reviewed by Zion3R on 8:30 AM Rating: 5

Read Entire Article
  3. WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

Related

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Psobf - PowerShell Obfuscator

Psobf - PowerShell Obfuscator

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

VulnNodeApp - A Vulnerable Node.Js Application

VulnNodeApp - A Vulnerable Node.Js Application

Trending

1. C2C Advanced Systems IPO GMP
2. Disney
3. Dubai
4. Coldplay Infinity tickets
5. Bengaluru Bulls
6. Rights
7. ICBM
8. Rishabh Pant
9. Yashasvi Jaiswal
10. KL Rahul

Popular

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved