├── README.md ├── img ├── 360_av.png ├── AV_EDR_QUERY.png ├── Disable_pth_rdp_login.png ├── Enable_User.png ├── Enable_Winrm.png ├── Enable_pth_rdp_login.png ├── Enable_rdp.png ├── RDP_disable.png ├── Users_query.png ├── check2.png ├── check3.png ├── check_firewall.png ├── cleartrace.png ├── delete_file.png ├── disable_firewall_rule.png ├── enable_firewall_role.png ├── fake_shell.png ├── fake_shell2.png ├── firewall_query.png ├── get_process.png ├── ls_path.png ├── query1a.png ├── query3.png ├── query_all_firewall_rule.png ├── query_disable_firewall_rule.png ├── query_enable_firewall_rule.png ├── query_enable_inbound_firewall_rule.png ├── query_enable_outbound_firewall_rule.png ├── rdp_shadow.png ├── readfile.png ├── rid_hijack.gif ├── stop_FIrewall.png ├── stop_winrm.png ├── winrm_firewall.png ├── write_file.png └── write_file2.png ├── module ├── FirewallRule_setting.py ├── Firewall_setting.py ├── __init__.py ├── check.py ├── checkError.py ├── clearEventLog.py ├── cleartrace.py ├── cmdrun.py ├── cmdrun2.py ├── dumpLsass.py ├── enable_pth_login_rdp.py ├── files.py ├── getProcessList.py ├── listdir.py ├── printReply.py ├── rdpsetting.py ├── ridhijack.py ├── userquery.py ├── vbsrun.py ├── winrm_enable.py └── wmiconnect.py ├── output ├── clearEventLog.vbs ├── dele_file.vbs ├── delete_file.vbs ├── exec2_command.vbs ├── exec_command_read.vbs ├── listdir.vbs ├── readfile.vbs ├── reg_permission.vbs └── writeFile.vbs ├── vbs ├── clearEventLog.vbs ├── cleartrace.vbs ├── dele_file.vbs ├── delete_file.vbs ├── exec2_command.vbs ├── exec_command_read.vbs ├── listdir.vbs ├── readfile.vbs ├── reg_permission.vbs ├── regini.vbs └── writeFile.vbs └── wmi_query.py /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/README.md -------------------------------------------------------------------------------- /img/360_av.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/360_av.png -------------------------------------------------------------------------------- /img/AV_EDR_QUERY.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/AV_EDR_QUERY.png -------------------------------------------------------------------------------- /img/Disable_pth_rdp_login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Disable_pth_rdp_login.png -------------------------------------------------------------------------------- /img/Enable_User.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Enable_User.png -------------------------------------------------------------------------------- /img/Enable_Winrm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Enable_Winrm.png -------------------------------------------------------------------------------- /img/Enable_pth_rdp_login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Enable_pth_rdp_login.png -------------------------------------------------------------------------------- /img/Enable_rdp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Enable_rdp.png -------------------------------------------------------------------------------- /img/RDP_disable.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/RDP_disable.png -------------------------------------------------------------------------------- /img/Users_query.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/Users_query.png -------------------------------------------------------------------------------- /img/check2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/check2.png -------------------------------------------------------------------------------- /img/check3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/check3.png -------------------------------------------------------------------------------- /img/check_firewall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/check_firewall.png -------------------------------------------------------------------------------- /img/cleartrace.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/cleartrace.png -------------------------------------------------------------------------------- /img/delete_file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/delete_file.png -------------------------------------------------------------------------------- /img/disable_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/disable_firewall_rule.png -------------------------------------------------------------------------------- /img/enable_firewall_role.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/enable_firewall_role.png -------------------------------------------------------------------------------- /img/fake_shell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/fake_shell.png -------------------------------------------------------------------------------- /img/fake_shell2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/fake_shell2.png -------------------------------------------------------------------------------- /img/firewall_query.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/firewall_query.png -------------------------------------------------------------------------------- /img/get_process.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/get_process.png -------------------------------------------------------------------------------- /img/ls_path.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/ls_path.png -------------------------------------------------------------------------------- /img/query1a.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query1a.png -------------------------------------------------------------------------------- /img/query3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query3.png -------------------------------------------------------------------------------- /img/query_all_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query_all_firewall_rule.png -------------------------------------------------------------------------------- /img/query_disable_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query_disable_firewall_rule.png -------------------------------------------------------------------------------- /img/query_enable_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query_enable_firewall_rule.png -------------------------------------------------------------------------------- /img/query_enable_inbound_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query_enable_inbound_firewall_rule.png -------------------------------------------------------------------------------- /img/query_enable_outbound_firewall_rule.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/query_enable_outbound_firewall_rule.png -------------------------------------------------------------------------------- /img/rdp_shadow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/rdp_shadow.png -------------------------------------------------------------------------------- /img/readfile.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/readfile.png -------------------------------------------------------------------------------- /img/rid_hijack.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/rid_hijack.gif -------------------------------------------------------------------------------- /img/stop_FIrewall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/stop_FIrewall.png -------------------------------------------------------------------------------- /img/stop_winrm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/stop_winrm.png -------------------------------------------------------------------------------- /img/winrm_firewall.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/winrm_firewall.png -------------------------------------------------------------------------------- /img/write_file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/write_file.png -------------------------------------------------------------------------------- /img/write_file2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/img/write_file2.png -------------------------------------------------------------------------------- /module/FirewallRule_setting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/FirewallRule_setting.py -------------------------------------------------------------------------------- /module/Firewall_setting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/Firewall_setting.py -------------------------------------------------------------------------------- /module/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/__init__.py -------------------------------------------------------------------------------- /module/check.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/check.py -------------------------------------------------------------------------------- /module/checkError.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/checkError.py -------------------------------------------------------------------------------- /module/clearEventLog.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/clearEventLog.py -------------------------------------------------------------------------------- /module/cleartrace.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/cleartrace.py -------------------------------------------------------------------------------- /module/cmdrun.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/cmdrun.py -------------------------------------------------------------------------------- /module/cmdrun2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/cmdrun2.py -------------------------------------------------------------------------------- /module/dumpLsass.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/dumpLsass.py -------------------------------------------------------------------------------- /module/enable_pth_login_rdp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/enable_pth_login_rdp.py -------------------------------------------------------------------------------- /module/files.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/files.py -------------------------------------------------------------------------------- /module/getProcessList.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/getProcessList.py -------------------------------------------------------------------------------- /module/listdir.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/listdir.py -------------------------------------------------------------------------------- /module/printReply.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/printReply.py -------------------------------------------------------------------------------- /module/rdpsetting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/rdpsetting.py -------------------------------------------------------------------------------- /module/ridhijack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/ridhijack.py -------------------------------------------------------------------------------- /module/userquery.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/userquery.py -------------------------------------------------------------------------------- /module/vbsrun.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/vbsrun.py -------------------------------------------------------------------------------- /module/winrm_enable.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/winrm_enable.py -------------------------------------------------------------------------------- /module/wmiconnect.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/module/wmiconnect.py -------------------------------------------------------------------------------- /output/clearEventLog.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/clearEventLog.vbs -------------------------------------------------------------------------------- /output/dele_file.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/dele_file.vbs -------------------------------------------------------------------------------- /output/delete_file.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/delete_file.vbs -------------------------------------------------------------------------------- /output/exec2_command.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/exec2_command.vbs -------------------------------------------------------------------------------- /output/exec_command_read.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/exec_command_read.vbs -------------------------------------------------------------------------------- /output/listdir.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/listdir.vbs -------------------------------------------------------------------------------- /output/readfile.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/readfile.vbs -------------------------------------------------------------------------------- /output/reg_permission.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/reg_permission.vbs -------------------------------------------------------------------------------- /output/writeFile.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/output/writeFile.vbs -------------------------------------------------------------------------------- /vbs/clearEventLog.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/clearEventLog.vbs -------------------------------------------------------------------------------- /vbs/cleartrace.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/cleartrace.vbs -------------------------------------------------------------------------------- /vbs/dele_file.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/dele_file.vbs -------------------------------------------------------------------------------- /vbs/delete_file.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/delete_file.vbs -------------------------------------------------------------------------------- /vbs/exec2_command.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/exec2_command.vbs -------------------------------------------------------------------------------- /vbs/exec_command_read.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/exec_command_read.vbs -------------------------------------------------------------------------------- /vbs/listdir.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/listdir.vbs -------------------------------------------------------------------------------- /vbs/readfile.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/readfile.vbs -------------------------------------------------------------------------------- /vbs/reg_permission.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/reg_permission.vbs -------------------------------------------------------------------------------- /vbs/regini.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/regini.vbs -------------------------------------------------------------------------------- /vbs/writeFile.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/vbs/writeFile.vbs -------------------------------------------------------------------------------- /wmi_query.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jiushill/wmi-hack-py/HEAD/wmi_query.py --------------------------------------------------------------------------------