Hacking 101 Windows Attack

WMI Attacks

WMI 101 WMI = Windows Management Instrumentation –> Microsoft implementationn of CIM (Common Information Model) and WBEM (Web Based Enterprise Management).–> Provides a uniform interface for applications/scripts to manage a local or remote computer or network. WMIC = Command-Line interface for WMI WMI Components https://0xinfection.github.io/posts/wmi-classes-methods-part-2/ WMI utilities Linux Manaed Object Format (MOF) files Use to […]

Hacking 101 Windows Attack

Common PowerShell Attacks

PowerShell basics PowerShell scripts can used multiple things such as: PowerShell Download and execute in memory of PowerShell: PowerShell and Active Directory Domain Enumeration Using .NET Classes Enumeration can be done by using Native Executables and .NET classes: Using the DirectoryServices.ActiveDirectory.Domain class and then static method GetCurrentDomain() Get the name of the current forest Using […]

Windows Attack

Common Windows Attack Techniques

Commonalities Among Windows-Based Vulnerabilities All common operating systems, regardless of vendor or platform, have vulnerabilities. Although APTs and nation-state actors might keep vulnerabilities they discover to themselves, most vulnerabilities are well-documented with exploits that are available to the public. On any particular platform, many vulnerabilities have common traits. Vulnerabilities for Windows-based operating systems have the […]