-
Notifications
You must be signed in to change notification settings - Fork 11
Expand file tree
/
Copy pathservices.config
More file actions
41 lines (37 loc) · 1.3 KB
/
Copy pathservices.config
File metadata and controls
41 lines (37 loc) · 1.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# make sure wmiexec.py is in your path
# if you're in a virtualenv, you can do something like this:
# $ export PATH=/root/.local/share/virtualenvs/impacket-asdfasdf/bin:$PATH
[CREDENTIALS]
# NOTE: If you want to use a kerberos ticket, export KRB5CCNAME and leave password blank
Username=admin
Password=password
# domain in example.local format
Domain=
# hashes in LM:NTLM format
Hashes=
# abort after this many *consecutive* failed logins
ConsecutiveFailedLogonLimit=3
[SERVICES]
# friendly name for CSV # string to look for in "sc query" output (case-insensitive)
WMI =WINDOWS MANAGEMENT INSTRUMENTATION
Defender =WINDEFEND
Symantec =SEPMASTERSERVICE
Altiris =SYMANTEC MANAGEMENT AGENT
Cisco FireAMP =CISCO AMP
Cisco AnyConnect =ANYCONNECT
Snare =SNARE
Malwarebytes =MALWAREBYTES
Ivanti =LANDESK
Sophos =SOPHOS
Webroot =WRSVC
Kaseya =KASEYA AGENT
Carbon Black =CBDEFENSE
Red Cloak =DELL SECUREWORKS RED CLOAK
Splunk =SPLUNKFORWARDER
BitDefender =MANAGEDANTIVIRUS
SolarWinds =SOLARWINDS
CrowdStrike =CSFALCONSERVICE
[EXECUTION]
Timeout=20
Method=wmiexec.py
Threads=20