Presented at
Wild West Hackin' Fest 2018,
Oct. 25, 2018, 8 a.m.
(105 minutes).
Offensive WMI Workshop (Session 1)WMI has recently been publicized for its offensive use cases. Attackers, and now red teams, are discovering how powerful WMI can be when used beyond its original intent. Even with the recent surge in WMI use, not everyone knows how to interact with it. This workshop intends to showcase how you can leverage WMI on assessments to do nearly anything you would want to do in a post-exploitation scenario. Want to read files, perform a directory listing, detect active user accounts, run commands (and receive their output), download/upload files, and do all of the above (plus more) remotely?
The goal for this workshop will be to enable students to walk away with an understanding of how WMI, a service installed and enabled by default since Windows 2000, is utilized by attackers, demystify interacting with the service locally and remotely, and give students the ability to leverage WMI in the same manner as attackers.
*Bio: Christopher Truncer (@ChrisTruncer) is a co-founder and red team lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing tools, WMImplant, EyeWitness, and other open-source software. Chris began developing tools that are not only designed for the offensive community, but can enhance the defensive community’s ability to defend their network as well.*
*This workshop is provided at no extra cost (Wild West Hackin’ Fest ticket is required), but is limited in participants. Be the first to know when registration opens by signing up for our emails!*
Presenters:
-
Christopher Truncer
- FortyNorth Security
as Chris Truncer
Christopher Truncer (@ChrisTruncer) is a co-founder and red team lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing tools, WMImplant, EyeWitness, and other open-source software. Chris began developing tools that are not only designed for the offensive community, but can enhance the defensive community's ability to defend their network as well.
Links:
Similar Presentations: