tldr/pages/common/nxc-wmi.md

# nxc wmi

> Pentest and exploit the Windows Management Instrumentation (WMI).
> More information: <https://www.netexec.wiki/wmi-protocol>.

- Search for valid credentials by trying out every combination in the specified lists of [u]sernames and [p]asswords:

`nxc wmi {{192.168.178.2}} -u {{path/to/usernames.txt}} -p {{path/to/passwords.txt}}`

- Authenticate via local authentication (as opposed to authenticating to the domain):

`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --local-auth`

- Issue the specified WMI query:

`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --wmi {{wmi_query}}`

- Execute the specified command on the targeted host:

`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --x {{command}}`
nxc-wmi: add page (#14364) * nxc-wm Co-authored-by: Wiktor Perskawiec <git@spageektti.cc> 2024-10-31 22:43:58 +01:00			`# nxc wmi`

			`> Pentest and exploit the Windows Management Instrumentation (WMI).`
			`> More information: <https://www.netexec.wiki/wmi-protocol>.`

			`- Search for valid credentials by trying out every combination in the specified lists of [u]sernames and [p]asswords:`

			`nxc wmi {{192.168.178.2}} -u {{path/to/usernames.txt}} -p {{path/to/passwords.txt}}`

			`- Authenticate via local authentication (as opposed to authenticating to the domain):`

			`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --local-auth`

			`- Issue the specified WMI query:`

			`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --wmi {{wmi_query}}`

			`- Execute the specified command on the targeted host:`

			`nxc wmi {{192.168.178.2}} -u {{username}} -p {{password}} --x {{command}}`