View Issue Details

IDProjectCategoryView StatusLast Update
0003381Kali LinuxQueued Tool Additionpublic2021-05-18 11:02
Reporterg0tmi1k Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Fixed in Version2017.1 
Summary0003381: Wmiexec (Part of impacket collection)
Description

Name: Wmiexec
Version: 0.9.14
Homepage: https://github.com/CoreSecurity/impacket
Download: https://github.com/CoreSecurity/impacket/releases/download/impacket_0_9_14/impacket-0.9.14.tar.gz
Licence: Apache (https://github.com/CoreSecurity/impacket/blob/impacket_0_9_13/LICENSE)
Description:

What is Impacket?

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (for instance NMB, SMB1-3 and MS-DCERPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.

A description of some of the tools can be found at: http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Impacket


What is wmiexec?

A similar approach to smbexec but executing commands through WMI.
Main advantage here is it runs under the user (has to be Admin) account, not SYSTEM, plus, it doesn't generate noisy messages in the event log that smbexec.py does when creating a service.
Drawback is it needs DCOM, hence, I have to be able to access DCOM ports at the target machine.

Relationships

related to 0003935 resolvedsbrun smbserver (Part of impacket collection) 

Activities

g0tmi1k

g0tmi1k

2016-06-28 21:15

administrator   ~0005434

8 hours later, v0.9.15 got released....

rhertzog

rhertzog

2016-09-18 16:27

administrator   ~0005944

What's the relation between Impacket and wmiexec? Also how does it compare to winexe?

g0tmi1k

g0tmi1k

2016-09-19 11:05

administrator   ~0005952

wmiexec is a specific tool within the impacket package, from the “Examples” directory ~ https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py

g0tmi1k

g0tmi1k

2016-09-19 11:05

administrator   ~0005953

Can we update the python-impacket package to run from upstream (https://github.com/CoreSecurity/impacket) rather than Debian testing?
Upstream updates frequently and has functionality benefits over the currently packaged version.
In addition, some of the example tools in the suite are very useful for pentesting, would be nice to have tools such as “wmiexec.py” available through the $PATH"

sbrun

sbrun

2016-09-20 09:03

manager   ~0005956

There are many examples in impacket. I will pollute a little /usr/bin if I put all the examples in this directory. Do you have a list of which one are important? or you prefer to have all of them in the path?

sbrun

sbrun

2016-09-22 09:38

manager   ~0005975

I uploaded a new version 0.9.15-0kali2 with helper scripts for the 5 examples mentioned:
impacket-wmiexec
impacket-netview
...

We added "impacket-" to avoid conflict with other binaries from other packages.

Issue History

Date Modified Username Field Change
2016-06-28 10:24 g0tmi1k New Issue
2016-06-28 10:26 g0tmi1k Description Updated
2016-06-28 21:15 g0tmi1k Note Added: 0005434
2016-09-18 16:27 rhertzog Note Added: 0005944
2016-09-18 16:27 rhertzog Assigned To => sbrun
2016-09-18 16:27 rhertzog Status new => assigned
2016-09-19 11:05 g0tmi1k Note Added: 0005952
2016-09-19 11:05 g0tmi1k Note Added: 0005953
2016-09-20 09:03 sbrun Note Added: 0005956
2016-09-22 09:38 sbrun Note Added: 0005975
2016-09-22 09:38 sbrun Status assigned => resolved
2016-09-22 09:38 sbrun Resolution open => fixed
2016-09-22 09:38 sbrun Fixed in Version => 2017.1
2017-03-28 20:55 g0tmi1k Relationship added related to 0003935
2021-05-18 11:02 g0tmi1k Category New Tool Requests => Queued Tool Addition