O'Reilly logo

Kali Linux Intrusion and Exploitation Cookbook by Ishan Girdhar, Dhruv Shah

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using WMIC to find privilege-escalation vulnerabilities

In this recipe, we will understand how an attacker gains an insight of escalating privileges through WMIC. WMIC extends WMI for operation from several command-line interfaces and through batch scripts. WMI stands for Windows Management Instrumentation. WMIC can be used, apart from several other things, to query the patches that are installed on the system. To better understand it provides a list of all the details of the security patches installed during a Windows update or manual patches being put into place. They usually look like (KBxxxxx).

Getting ready

To demonstrate this, we will require a Windows 7 machine with a minimum of two cores. If we are testing it in the VM, we can set the number ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required