wmiexec-RegOut is the modify version of impacket wmiexec.py, wmipersist.py. Got output(data, response) from registry, don’t need SMB connection, but I’m in the bad code.
In original wmiexec.py, it get response from smb connection (port 445,139). Unfortunately, some antivirus software are monitoring these ports as high risk.
In this case, I drop smb connection function and use others method to execute command.
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration
Name: EnableAt
Type: REG_DWORD
Value: 1
(Highly recommend, !!!only works on impacket v0.9.24!!!)
: A Python version of WMIHACKER, which I picked the vbs template from it. Attacker can use it to do lateral movement safety under antivirus-software running.Generally, you just need to install official impacket.
python3 wmiexec-reg.py administrator:111qqq…@192.168.10.90 ‘whoami’
With cleartext password (without output)
python3 wmipersist-wip.py administrator:111qqq…@192.168.10.20 ‘command’
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…
Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…
Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…