Skip to content
/ WMIShell Public

Non-Persistent Remote Command Execution via WMI through PowerShell with NamedPipe or Windows Servic

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

joeavanzato/WMIShell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitattributes
.gitattributes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
WMIRemoteShell.ps1
WMIRemoteShell.ps1
 
 

Repository files navigation

WMIShell

Non-Persistent Remote Command Execution via WMI with NamedPipe or Windows Service

PowerShell tool to facilitate command-execution on remote targets with two methods.

1 - WMI with Windows Services

  • Sets up a Windows Service on remote target used as a temporary data container
  • Launches command via remote WMI
  • Command stdout stored in file -> Windows Service description
  • stdout retrieved via remote service read capabilities from WMI

2 - WMI Initialization of NamedPipe

  • WMI used to launch NamedPipe server stream on remote target
  • Commands sent from client to server and launched with all stdout returned via pipe

TODO

  • Additional initialization mechanisms beyond WMI (Service, Task, etc)
  • Better error handling
  • Fileless Service Mode
  • More options

About

Non-Persistent Remote Command Execution via WMI through PowerShell with NamedPipe or Windows Servic

Topics

shell powershell remote-execution wmi named-pipes windows-service offensive redteam

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages