wmiexec-RegOut is the modify version of impacket wmiexec.py, wmipersist.py. Got output(data, response) from registry, don’t need SMB connection, but I’m in the bad code.
In original wmiexec.py, it get response from smb connection (port 445,139). Unfortunately, some antivirus software are monitoring these ports as high risk.
In this case, I drop smb connection function and use others method to execute command.
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration
Name: EnableAt
Type: REG_DWORD
Value: 1
(Highly recommend, !!!only works on impacket v0.9.24!!!)
: A Python version of WMIHACKER, which I picked the vbs template from it. Attacker can use it to do lateral movement safety under antivirus-software running.Generally, you just need to install official impacket.
python3 wmiexec-reg.py administrator:111qqq…@192.168.10.90 ‘whoami’
With cleartext password (without output)
python3 wmipersist-wip.py administrator:111qqq…@192.168.10.20 ‘command’
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…
Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…