Implement impersonation possibilities for DCOM connections

Open 0xShkk opened this issue 1 year ago • 0 comments

Configuration

impacket version: v0.12.0
Python version: 3.11
Target OS: Windows 10

It would be great to be able to specify the impersonation level when dealing with WMI connections. For this, the WMI context needs to be adjustable to use RPC_C_IMP_LEVEL_IMPERSONATE, as described in com-impersonation-level-constants. For example, when using PowerShell with WMI it is possible to impersonate SYSTEM by doing

Get-WmiObject -Namespace "root\cimv2" -Class Win32_Process -Impersonation 3 -ComputerName Computer_B

This must be possible for remote connections as well, similar to being able to specify the auth level.

Additional context

When a WMI connection is established, one is not performing actions as SYSTEM when the RPC_C_IMP_LEVEL_IMPERSONATE is not set.

0xShkk, Oct 05 '24 09:10