0003381: Wmiexec (Part of impacket collection) - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0003381	Kali Linux	Queued Tool Addition	public	2016-06-28 10:24	2021-05-18 11:02

Reporter	g0tmi1k	Assigned To	sbrun
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	resolved	Resolution	fixed
Fixed in Version	2017.1

Summary	0003381: Wmiexec (Part of impacket collection)
Description	Name: Wmiexec Version: 0.9.14 Homepage: https://github.com/CoreSecurity/impacket Download: https://github.com/CoreSecurity/impacket/releases/download/impacket_0_9_14/impacket-0.9.14.tar.gz Licence: Apache (https://github.com/CoreSecurity/impacket/blob/impacket_0_9_13/LICENSE) Description: What is Impacket? Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (for instance NMB, SMB1-3 and MS-DCERPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library. A description of some of the tools can be found at: http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Impacket What is wmiexec? A similar approach to smbexec but executing commands through WMI. Main advantage here is it runs under the user (has to be Admin) account, not SYSTEM, plus, it doesn't generate noisy messages in the event log that smbexec.py does when creating a service. Drawback is it needs DCOM, hence, I have to be able to access DCOM ports at the target machine.

g0tmi1k 2016-06-28 21:15 administrator ~0005434	8 hours later, v0.9.15 got released....

rhertzog 2016-09-18 16:27 administrator ~0005944	What's the relation between Impacket and wmiexec? Also how does it compare to winexe?

g0tmi1k 2016-09-19 11:05 administrator ~0005952	wmiexec is a specific tool within the impacket package, from the “Examples” directory ~ https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py

g0tmi1k 2016-09-19 11:05 administrator ~0005953	Can we update the python-impacket package to run from upstream (https://github.com/CoreSecurity/impacket) rather than Debian testing? Upstream updates frequently and has functionality benefits over the currently packaged version. In addition, some of the example tools in the suite are very useful for pentesting, would be nice to have tools such as “wmiexec.py” available through the $PATH"

sbrun 2016-09-20 09:03 manager ~0005956	There are many examples in impacket. I will pollute a little /usr/bin if I put all the examples in this directory. Do you have a list of which one are important? or you prefer to have all of them in the path?

sbrun 2016-09-22 09:38 manager ~0005975	I uploaded a new version 0.9.15-0kali2 with helper scripts for the 5 examples mentioned: impacket-wmiexec impacket-netview ... We added "impacket-" to avoid conflict with other binaries from other packages.

Date Modified	Username	Field	Change
2016-06-28 10:24	g0tmi1k	New Issue
2016-06-28 10:26	g0tmi1k	Description Updated
2016-06-28 21:15	g0tmi1k	Note Added: 0005434
2016-09-18 16:27	rhertzog	Note Added: 0005944
2016-09-18 16:27	rhertzog	Assigned To	=> sbrun
2016-09-18 16:27	rhertzog	Status	new => assigned
2016-09-19 11:05	g0tmi1k	Note Added: 0005952
2016-09-19 11:05	g0tmi1k	Note Added: 0005953
2016-09-20 09:03	sbrun	Note Added: 0005956
2016-09-22 09:38	sbrun	Note Added: 0005975
2016-09-22 09:38	sbrun	Status	assigned => resolved
2016-09-22 09:38	sbrun	Resolution	open => fixed
2016-09-22 09:38	sbrun	Fixed in Version	=> 2017.1
2017-03-28 20:55	g0tmi1k	Relationship added	related to 0003935
2021-05-18 11:02	g0tmi1k	Category	New Tool Requests => Queued Tool Addition