- This topic has 1 reply, 2 voices, and was last updated 1 day, 19 hours ago by .
- You must be logged in to reply to this topic.
Tagged: WMI 101
PowerShell has gained popularity with SysAdmins and for good reason. It’s on every Windows machine (and now some Linux machines as well), has capabilities to interact with almost every service on every machine on the network, and it’s a command line utility. For the same exact reasons, PowerShell has also become a favorite method of attackers interacting with a victim machine. Because of this, organizations have gotten wise to this attack vector and have put measures in place to mitigate it’s use. But there’s another way! Many don’t know of another built-in Windows utility that actually pre-dates PowerShell and can also help them in their
hacking pentesting engagements. That tool is Windows Management Instrumentation (WMI). This tutorial will be a small introduction to not only understand the usage of WMI to enumerate information from local and remote machines, but we’ll also show you how to start and kill processes! So let’s jump into WMI 101 for pentesters.
[See the full article at: WMI 101 For Pentesters]
I hope this article covered the fundamentals of WMI usage and encouraged you to continue researching on your own. With that in mind, here’s a little homework. As with all useful technologies, there will eventually be a new version to expand on the capabilities proven by the previous version. Windows Management Instrumentation (WMI) is no different as it also has been updated to the Windows Management Infrastructure (MI). Microsoft says that MI is fully backwards compatible while reducing dev time and has tighter integration with Powershell. Go check it out and share what you discover.
– EH-Net Live! Still finalizing the details, so Stay Tuned for our next webinar coming on Thurs March 19 @ 1:00 PM EST. Reg Open Next Month!
– EH-Net Live! August – Video & Deck Available Now! for “Shellcode for the Masses” w/ John Hammond from Jan 29.
– EH-Net Live! December – Video & Deck Available Now! for “Burp-less Hacking – Learning Web Application Pentesting on a Budget” w/ Phillip Wylie from Dec 19.
– EH-Net Live! November – Video & Deck Available Now! for “All Things CTF!” w/ Ray Doyle of EverSecCTF from Nov 21.
– EH-Net Live! October – Video & Deck Available Now! for “Hacking Humans” w/ Hadnagy, Paul & Baron from Oct 29.
See all EH-Net Live! Videos
More on the EH-Net YouTube Channel
Copyright ©2020 Caendra, Inc.