Link Search Menu Expand Document
Dendron - TLDR

nxc wmi

Pentest and exploit the Windows Management Instrumentation (WMI). More information: https://www.netexec.wiki/wmi-protocol.

  • Search for valid credentials by trying out every combination in the specified lists of [u]sernames and [p]asswords:

nxc wmi {{192.168.178.2}} -u {{path/to/usernames.txt}} -p {{path/to/passwords.txt}}

  • Authenticate via local authentication (as opposed to authenticating to the domain):

nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --local-auth

  • Issue the specified WMI query:

nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --wmi {{wmi_query}}

  • Execute the specified command on the targeted host:

nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --x {{command}}