Categories: Kali Linux

SharpStat : C# Utility That Uses WMI To Run CMD

SharpStat is a C# utility that uses WMI to run “cmd.exe /c netstat -n”, save the output to a file, then use SMB to read and delete the file remotely. This script will attempt to connect to all the supplied computers and use WMI to execute cmd.exe /c netstat -n > <file>.

The file the output is saved to is specified by ‘-file’. Once the netstat command is running, the output is read via remote SMB call and then deleted.

While this isn’t the stealthiest of scripts (because of the cmd.exe execution and saving to a file), sometimes you gotta do what you gotta do.

An alternative would be to use WMI to remotely query netstat information, but that WMI class is only available on Win10+ systems, which isn’t ideal. This solution at least works for all levels of operating systems.

Usage

 Mandatory Options:
     -file         = This is the file that the output will be saved in 
                     temporarily before being remotely read/deleted

 Optional Options:
     -computers    = A list of systems to run this against, separated by commas
        [or]
     -dc           = A domain controller to get a list of domain computers from
     -domain       = The domain to get a list of domain computers from

Also Read – Aaia : AWS Identity & Access Management Visualizer & Anomaly Finder

Examples

SharpStat.exe -file “C:\Users\Public\test.txt” -domain lab.raikia.com -dc lab.raikia.com
SharpStat.exe -file “C:\Users\Public\test.txt” -computers “wkstn7.lab.raikia.com,wkstn10.lab.raikia.com”

Screenshot

Credits :  raikiasec@gmail.com or @raikiasec

R K

Recent Posts

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

6 hours ago

Exploring User Management in Linux Systems

User management is a critical aspect of Linux administration. Each user in a Linux system…

6 hours ago

How to List Users in Linux

Managing users is an essential part of Linux system administration. Knowing how to list all…

7 hours ago

Nmap cheat sheet for beginners

Nmap (Network Mapper) is a free tool that helps you find devices on a network,…

2 days ago

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

1 week ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

1 week ago