Hacking 101 Windows Attack

WMI Attacks

WMI 101 WMI = Windows Management Instrumentation –> Microsoft implementationn of CIM (Common Information Model) and WBEM (Web Based Enterprise Management).–> Provides a uniform interface for applications/scripts to manage a local or remote computer or network. WMIC = Command-Line interface for WMI WMI Components https://0xinfection.github.io/posts/wmi-classes-methods-part-2/ WMI utilities Linux Manaed Object Format (MOF) files Use to […]

Hacking 101 Windows Attack

Common PowerShell Attacks

PowerShell basics PowerShell scripts can used multiple things such as: PowerShell Download and execute in memory of PowerShell: PowerShell and Active Directory Domain Enumeration Using .NET Classes Enumeration can be done by using Native Executables and .NET classes: Using the DirectoryServices.ActiveDirectory.Domain class and then static method GetCurrentDomain() Get the name of the current forest Using […]