Categories: Kali Linux

SharpStat : C# Utility That Uses WMI To Run CMD

SharpStat is a C# utility that uses WMI to run “cmd.exe /c netstat -n”, save the output to a file, then use SMB to read and delete the file remotely. This script will attempt to connect to all the supplied computers and use WMI to execute cmd.exe /c netstat -n > <file>.

The file the output is saved to is specified by ‘-file’. Once the netstat command is running, the output is read via remote SMB call and then deleted.

While this isn’t the stealthiest of scripts (because of the cmd.exe execution and saving to a file), sometimes you gotta do what you gotta do.

An alternative would be to use WMI to remotely query netstat information, but that WMI class is only available on Win10+ systems, which isn’t ideal. This solution at least works for all levels of operating systems.

Usage

 Mandatory Options:
     -file         = This is the file that the output will be saved in 
                     temporarily before being remotely read/deleted

 Optional Options:
     -computers    = A list of systems to run this against, separated by commas
        [or]
     -dc           = A domain controller to get a list of domain computers from
     -domain       = The domain to get a list of domain computers from

Also Read – Aaia : AWS Identity & Access Management Visualizer & Anomaly Finder

Examples

SharpStat.exe -file “C:\Users\Public\test.txt” -domain lab.raikia.com -dc lab.raikia.com
SharpStat.exe -file “C:\Users\Public\test.txt” -computers “wkstn7.lab.raikia.com,wkstn10.lab.raikia.com”

Screenshot

Credits :  raikiasec@gmail.com or @raikiasec

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

17 hours ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

17 hours ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

2 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

3 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

3 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

3 days ago