• Support
  • Forums
  • Blogs

WMI with NTLMv2

MMMM

New Life Form
+3
Hi there,

I'm trying to implement WMI and unfortunaltely find myself unable to get it working due to the implementation not working with NTLMv2.
With the never versions of Windows, NTLM v1 and LM are typically not enabled, nor are they considered safe anymore. 
Are there any plans to implement this? 

Sincerely,

Mark

Share post:

Best Answer

  • Answer ✓
    waaromzoveelaccounts,

    The engineering team is working on adding support for NTLMv2 in a future release. At this time, however, the appliance is limited to NTLMv1 connections.

Answers

  • Hello,

    Since debian/jessie update of the USM, wmi now supports Windows 2008 and Windows 2012.

    Checking the version of the wmi.

    AIO:/var/cache/apt/archives# wmic --version
    Version 4.0.0tp4-SVN-build-UNKNOWN

    AIO:/var/cache/apt/archives# zcat /usr/share/doc/wmi-client/changelog.gz
    winexe (1:0.2) stable; urgency=low

      * Initial release.

      * Sources:
        http://sourceforge.net/p/winexe/bugs/50/
        http://sourceforge.net/p/winexe/winexe-waf/ci/master/tree/
        https://github.com/Fantu/pkg-winexe
        http://ftp.samba.org/pub/samba/samba-4.1.12.tar.gz

     -- AlienVault package developers <[email protected]>  Thu, 21 Aug 2014 11:00:00 +0200

    the latest version supports Samba 4 which is now supporting NTLMv2.

    Regadrs,

    AJN
  • Hello,

    I just tested to a Windows 10 PRO version and it is working.


    [email protected]:/# wmic -U DOMAIN/administrator //Windows10 "select * from Win32_ComputerSystem"

    CLASS: Win32_ComputerSystem
    AdminPasswordStatus|AutomaticManagedPagefile|AutomaticResetBootOption|AutomaticResetCapability|BootOptionOnLimit|BootOptionOnWatchDog|BootROMSupported|BootupState|Caption|ChassisBootupState|CreationClassName|CurrentTimeZone|DaylightInEffect|Description|DNSHostName|Domain|DomainRole|EnableDaylightSavingsTime|FrontPanelResetStatus|HypervisorPresent|InfraredSupported|InitialLoadInfo|InstallDate|KeyboardPasswordStatus|LastLoadInfo|Manufacturer|Model|Name|NameFormat|NetworkServerModeEnabled|NumberOfLogicalProcessors|NumberOfProcessors|OEMLogoBitmap|OEMStringArray|PartOfDomain|PauseAfterReset|PCSystemType|PCSystemTypeEx|PowerManagementCapabilities|PowerManagementSupported|PowerOnPasswordStatus|PowerState|PowerSupplyState|PrimaryOwnerContact|PrimaryOwnerName|ResetCapability|ResetCount|ResetLimit|Roles|Status|SupportContactDescription|SystemStartupDelay|SystemStartupOptions|SystemStartupSetting|SystemType|ThermalState|TotalPhysicalMemory|UserName|WakeUpType|Workgroup
    3|True|True|True|0|0|True|Normal boot|TS|3|Win32_ComputerSystem|120|True|AT/AT COMPATIBLE|TS|eurocarnedom.local|3|True|3|True|False|NULL|(null)|3|(null)|Microsoft Corporation|Virtual Machine|TS|(null)|True|4|1|NULL|([MS_VM_CERT/SHA1/9b80ca0d5dd061ec9da4e494f4c3fd1196270c22],00000000000000000000000000000000,To be filed by MSFT)|True|3932100000|1|1|NULL|False|3|0|3|(null)|Usuario de Windows|1|-1|-1|(LM_Workstation,LM_Server,NT,Server_NT)|OK|NULL|0|NULL|0|x64-based PC|1|4294496256|EUROCARNEDOM\administrador|6|(null)

    Regards,

    AJN
Sign In or Register to comment.