2017-09-25 18:44 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0003381Kali Linux[All Projects] New Tool Requestspublic2017-08-30 18:54
Reporterg0tmi1k 
Assigned Tosbrun 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusresolvedResolutionfixed 
Product Version 
Target VersionFixed in Version2017.1 
Summary0003381: Wmiexec (Part of impacket collection)
DescriptionName: Wmiexec
Version: 0.9.14
Homepage: https://github.com/CoreSecurity/impacket
Download: https://github.com/CoreSecurity/impacket/releases/download/impacket_0_9_14/impacket-0.9.14.tar.gz
Licence: Apache (https://github.com/CoreSecurity/impacket/blob/impacket_0_9_13/LICENSE)
Description:

## What is Impacket?
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (for instance NMB, SMB1-3 and MS-DCERPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.

A description of some of the tools can be found at: http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Impacket

- - -

## What is wmiexec?

A similar approach to smbexec but executing commands through WMI.
Main advantage here is it runs under the user (has to be Admin) account, not SYSTEM, plus, it doesn't generate noisy messages in the event log that smbexec.py does when creating a service.
Drawback is it needs DCOM, hence, I have to be able to access DCOM ports at the target machine.
Attached Files

-Relationships
related to 0003935resolvedsbrun smbserver (Part of impacket collection) 
+Relationships

-Notes

~0005434

g0tmi1k (administrator)

8 hours later, v0.9.15 got released....

~0005944

rhertzog (administrator)

What's the relation between Impacket and wmiexec? Also how does it compare to winexe?

~0005952

g0tmi1k (administrator)

wmiexec is a specific tool within the impacket package, from the “Examples” directory ~ https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py

~0005953

g0tmi1k (administrator)

Can we update the python-impacket package to run from upstream (https://github.com/CoreSecurity/impacket) rather than Debian testing?
Upstream updates frequently and has functionality benefits over the currently packaged version.
In addition, some of the example tools in the suite are very useful for pentesting, would be nice to have tools such as “wmiexec.py” available through the $PATH"

~0005956

sbrun (manager)

There are many examples in impacket. I will pollute a little /usr/bin if I put all the examples in this directory. Do you have a list of which one are important? or you prefer to have all of them in the path?

~0005975

sbrun (manager)

I uploaded a new version 0.9.15-0kali2 with helper scripts for the 5 examples mentioned:
impacket-wmiexec
impacket-netview
...

We added "impacket-" to avoid conflict with other binaries from other packages.
+Notes

-Issue History
Date Modified Username Field Change
2016-06-28 10:24 g0tmi1k New Issue
2016-06-28 10:26 g0tmi1k Description Updated View Revisions
2016-06-28 21:15 g0tmi1k Note Added: 0005434
2016-09-18 16:27 rhertzog Note Added: 0005944
2016-09-18 16:27 rhertzog Assigned To => sbrun
2016-09-18 16:27 rhertzog Status new => assigned
2016-09-19 11:05 g0tmi1k Note Added: 0005952
2016-09-19 11:05 g0tmi1k Note Added: 0005953
2016-09-20 09:03 sbrun Note Added: 0005956
2016-09-22 09:38 sbrun Note Added: 0005975
2016-09-22 09:38 sbrun Status assigned => resolved
2016-09-22 09:38 sbrun Resolution open => fixed
2016-09-22 09:38 sbrun Fixed in Version => 2017.1
2017-03-28 20:55 g0tmi1k Relationship added related to 0003935
+Issue History