commit
e0c97c46d6
@ -240,31 +240,30 @@ Protocol_Name: WinRM #Protocol Abbreviation if there is one.
|
|||||||
Port_Number: 5985 #Comma separated if there is more than one.
|
Port_Number: 5985 #Comma separated if there is more than one.
|
||||||
Protocol_Description: Windows Remote Managment #Protocol Abbreviation Spelled out
|
Protocol_Description: Windows Remote Managment #Protocol Abbreviation Spelled out
|
||||||
|
|
||||||
Name: Notes
|
Entry_1:
|
||||||
Description: Notes for WinRM
|
Name: Notes
|
||||||
Note: """
|
Description: Notes for WinRM
|
||||||
Windows Remote Management (WinRM) is a Microsoft protocol that allows remote management of Windows machines over HTTP(S) using SOAP. On the backend it's utilising WMI, so you can think of it as an HTTP based API for WMI.
|
Note: |
|
||||||
|
Windows Remote Management (WinRM) is a Microsoft protocol that allows remote management of Windows machines over HTTP(S) using SOAP. On the backend it's utilising WMI, so you can think of it as an HTTP based API for WMI.
|
||||||
|
|
||||||
#sudo gem install winrm winrm-fs colorize stringio
|
sudo gem install winrm winrm-fs colorize stringio
|
||||||
git clone https://github.com/Hackplayers/evil-winrm.git
|
git clone https://github.com/Hackplayers/evil-winrm.git
|
||||||
cd evil-winrm
|
cd evil-winrm
|
||||||
ruby evil-winrm.rb -i 192.168.1.100 -u Administrator -p ‘MySuperSecr3tPass123!’
|
ruby evil-winrm.rb -i 192.168.1.100 -u Administrator -p ‘MySuperSecr3tPass123!’
|
||||||
|
|
||||||
https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/
|
https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/
|
||||||
|
|
||||||
ruby evil-winrm.rb -i 10.10.10.169 -u melanie -p 'Welcome123!' -e /root/Desktop/Machines/HTB/Resolute/
|
ruby evil-winrm.rb -i 10.10.10.169 -u melanie -p 'Welcome123!' -e /root/Desktop/Machines/HTB/Resolute/
|
||||||
^^so you can upload binary's from that directory or -s to upload scripts (sherlock)
|
^^so you can upload binary's from that directory or -s to upload scripts (sherlock)
|
||||||
menu
|
menu
|
||||||
invoke-binary `tab`
|
invoke-binary `tab`
|
||||||
|
|
||||||
|
#python3
|
||||||
|
import winrm
|
||||||
|
s = winrm.Session('windows-host.example.com', auth=('john.smith', 'secret'))
|
||||||
|
print(s.run_cmd('ipconfig'))
|
||||||
|
print(s.run_ps('ipconfig'))
|
||||||
|
|
||||||
#python3
|
https://book.hacktricks.xyz/pentesting/pentesting-winrm
|
||||||
import winrm
|
```
|
||||||
s = winrm.Session('windows-host.example.com', auth=('john.smith', 'secret'))
|
|
||||||
print(s.run_cmd('ipconfig'))
|
|
||||||
print(s.run_ps('ipconfig'))
|
|
||||||
|
|
||||||
https://book.hacktricks.xyz/pentesting/pentesting-winrm
|
|
||||||
"""
|
|
||||||
```
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user