#45 Problem in executing wmic commands using winexe

none
closed-fixed
nobody
None
medium
2015-03-21
2014-02-04
nags_1980
No

I built a static winexe (latest code from the current git repo) on CentOS 6.3 using Samba 4.0.14.

When I executed the command below, I got the expected output.

./winexe-static -U Administrator%cisco123 //10.105.35.79 ipconfig

But when I executed the wmic command below, it hangs indefinitely.

./winexe-static -d 9 -U Administrator%cisco123 //10.105.35.79 'wmic computersystem get model'
INFO: Current debug levels:
all: 9
tdb: 9
printdrivers: 9
lanman: 9
smb: 9
rpc_parse: 9
rpc_srv: 9
rpc_cli: 9
passdb: 9
sam: 9
auth: 9
winbind: 9
vfs: 9
idmap: 9
quota: 9
acls: 9
locking: 9
msdfs: 9
dmapi: 9
registry: 9
scavenger: 9
dns: 9
ldb: 9
winexe version 1.1
This program may be freely redistributed under the terms of the GNU GPLv3
added interface eth0 ip=10.105.37.141 bcast=10.105.37.255 netmask=255.255.255.0
added interface eth0 ip=10.105.37.141 bcast=10.105.37.255 netmask=255.255.255.0
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
Could not test socket option SO_REUSEPORT.
SO_SNDBUF = 23720
SO_RCVBUF = 87380
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
Starting GENSEC mechanism spnego
Server claims it's principal name is dcntools-w2k3$@PRIME.CISCO.COM
Starting GENSEC submechanism gssapi_krb5
Cannot do GSSAPI to an IP address
Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_INVALID_PARAMETER
Starting GENSEC submechanism ntlmssp
Got challenge flags:
Got NTLMSSP neg_flags=0x62898215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
IN: async_open(\ahexec, 2)
IN: async_open_recv
CTRL: Sending command: get version
CTRL: Received: version 0x0064
CTRL: Sending command: run wmic computersystem get model
CTRL: Received: std_io_err 12EC0093
IN: async_open(\ahexec_stdin12EC0093, 2)
IN: async_open(\ahexec_stdout12EC0093, 2)
IN: async_open(\ahexec_stderr12EC0093, 2)
IN: async_open_recv
IN: async_open_recv
IN: async_open_recv

Please let me know: is this expected, or am I missing something?

Discussion

  • ahajda
    2014-03-12

    Sorry for the late reply. I suppose winexe does not hang; it just starts wmic and wmic waits for a real console. You can try to fool wmic by using a pipeline:
    winexe .... "cmd.exe /c echo . | wmic ..."

     
  • Thomas Hood
    2014-03-13

    • status: open --> incomplete
    • Group: 1.1 --> none
     
  • ahajda
    2014-11-12

    • status: incomplete --> closed-fixed
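
The 2014-03-12 reply attributes the hang to wmic waiting on its input and suggests piping data into it. The following is an added example, not part of the ticket and not winexe or wmic code: it reproduces that pattern locally with a stand-in child process and adds a timeout so automation fails fast instead of blocking. `CHILD` and `run_child` are hypothetical names, and the stand-in's behaviour is an assumption modelled on the reply.

```python
import subprocess
import sys

# Stand-in for a console tool that does nothing until it can read stdin
# (assumption: models the wmic behaviour described in the reply).
# Its output values are constructed sample data.
CHILD = [sys.executable, "-c",
         "import sys; sys.stdin.readline(); print('Model'); print('ExampleModel')"]


def run_child(feed_stdin, timeout=2.0):
    """Run CHILD with its stdin connected to a pipe.

    feed_stdin=None  -> the pipe stays open and empty, like a redirected
                        stdin that nobody ever writes to.
    feed_stdin=bytes -> the data is written and the pipe closed, which is
                        what 'echo . | tool' does for the tool.
    Returns (status, output_words); status is 'completed' or 'timed_out'.
    """
    proc = subprocess.Popen(CHILD, stdin=subprocess.PIPE,
                            stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    try:
        if feed_stdin is None:
            # Wait without touching stdin: the child blocks in readline().
            proc.wait(timeout=timeout)
            out = proc.stdout.read()
        else:
            # communicate() writes the input, closes stdin, then reads stdout.
            out, _ = proc.communicate(input=feed_stdin, timeout=timeout)
        return "completed", out.decode().split()
    except subprocess.TimeoutExpired:
        # Fail fast: kill and reap the child rather than waiting forever.
        proc.kill()
        proc.communicate()
        return "timed_out", []


if __name__ == "__main__":
    print("stdin left open :", run_child(None, timeout=1.0))
    print("stdin fed '.'   :", run_child(b".\n"))
```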