By: Chris Truncer and Jared Blatt
With its rise in popularity over the past few years, attackers, both white hat and black hat, have embraced the functionality of WMI and are leveraging it to enumerate information, attack systems, and gather sensitive data. This will be a lab driven workshop where we will walk attendees from interacting with WMI, gathering data on remote systems, code execution, interacting with remote processes, manipulating services, and more. This workshop will require attendees to have a either a Windows computer, or Windows virtual machine, as we will be writing code throughout the workshop.