wmiexec-RegOut - Modify Version Of Impacket Wmiexec.Py, Get Output(Data,Response) From Registry, Don'T Need SMB Connection, Also Bypassing Antivirus-Software In Lateral Movement Like WMIHACKER | allinfosecnews.com

Feb. 3, 2022, 8:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com

Modify version of impacket wmiexec.py,wmipersist.py. Got output(data,response) from registry, don't need SMB connection, but I'm in the bad code :(

Specially Thanks to:

@rootclay, wechat: _xiangshan

Overview

In original wmiexec.py, it get response from smb connection (port 445,139). Unfortunately, some antivirus software are monitoring these ports as high risk.
In this case, I drop smb connection function and use others method to execute command.

wmiexec-reg-sch-UnderNT6-wip.py: Executed command by using win32-scheduledjob class. According to xiangshan, win32-scheduledjob class only works under …

antivirus data don impacket registry response smb software version windows

More from www.kitploit.com / KitPloit - PenTest Tools!

Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries 23 hours ago | www.kitploit.com

api command command line deimosc2 +17

HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries … 1 day, 23 hours ago | www.kitploit.com

hardeningmeter protection python python3 +2

JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post … 2 days, 23 hours ago | www.kitploit.com

js-tap multithreaded taken traffic +3

MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs 3 days, 23 hours ago | www.kitploit.com

cyber security dfir automation digital forensic masterparser +1

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The … 4 days, 23 hours ago | www.kitploit.com

c2-cloud command & control hacking tool offensive security +4

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 5 days, 23 hours ago | www.kitploit.com

attack detection lfi detection oste-web-log-analyzer rfi detection +1

ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 6 days, 23 hours ago | www.kitploit.com

ntlm post-exploitation powershell python +7

Galah - An LLM-powered Web Honeypot Using The OpenAI API 1 week ago | www.kitploit.com

galah golang llm openai api +3

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 1 week, 1 day ago | www.kitploit.com

amsi antivirus crimsonedr dll +5

Red Team Operator

@ JPMorgan Chase & Co. | LONDON, United Kingdom

View on infosec-jobs.com

SOC Analyst

@ Resillion | Bengaluru, India

View on infosec-jobs.com

Director of Cyber Security

@ Revinate | San Francisco Bay Area

View on infosec-jobs.com

Jr. Security Incident Response Analyst

@ Kaseya | Miami, Florida, United States

View on infosec-jobs.com

Infrastructure Vulnerability Consultant - (Cloud Security , CSPM)

@ Blue Yonder | Hyderabad

View on infosec-jobs.com

Product Security Lead

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com