coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #184 from CoolHandSquid/5985_Yaml

Browse Source 
Yaml Format
This commit is contained in:
Carlos Polop 2021-08-15 23:54:55 +02:00 committed by GitHub
commit e0c97c46d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
pentesting/5985-5986-pentesting-winrm.md
View File

@ -240,31 +240,30 @@ Protocol_Name: WinRM #Protocol Abbreviation if there is one.
Port_Number: 5985 #Comma separated if there is more than one.
Protocol_Description: Windows Remote Managment #Protocol Abbreviation Spelled out
Name: Notes
Description: Notes for WinRM
Note: """
Windows Remote Management (WinRM) is a Microsoft protocol that allows remote management of Windows machines over HTTP(S) using SOAP. On the backend it's utilising WMI, so you can think of it as an HTTP based API for WMI.
Entry_1:
Name: Notes
Description: Notes for WinRM
Note: |
Windows Remote Management (WinRM) is a Microsoft protocol that allows remote management of Windows machines over HTTP(S) using SOAP. On the backend it's utilising WMI, so you can think of it as an HTTP based API for WMI.
#sudo gem install winrm winrm-fs colorize stringio
git clone https://github.com/Hackplayers/evil-winrm.git
cd evil-winrm
ruby evil-winrm.rb -i 192.168.1.100 -u Administrator -p MySuperSecr3tPass123!
sudo gem install winrm winrm-fs colorize stringio
git clone https://github.com/Hackplayers/evil-winrm.git
cd evil-winrm
ruby evil-winrm.rb -i 192.168.1.100 -u Administrator -p MySuperSecr3tPass123!
https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/
https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/
ruby evil-winrm.rb -i 10.10.10.169 -u melanie -p 'Welcome123!' -e /root/Desktop/Machines/HTB/Resolute/
^^so you can upload binary's from that directory or -s to upload scripts (sherlock)
menu
invoke-binary `tab`
ruby evil-winrm.rb -i 10.10.10.169 -u melanie -p 'Welcome123!' -e /root/Desktop/Machines/HTB/Resolute/
^^so you can upload binary's from that directory or -s to upload scripts (sherlock)
menu
invoke-binary `tab`
#python3
import winrm
s = winrm.Session('windows-host.example.com', auth=('john.smith', 'secret'))
print(s.run_cmd('ipconfig'))
print(s.run_ps('ipconfig'))
#python3
import winrm
s = winrm.Session('windows-host.example.com', auth=('john.smith', 'secret'))
print(s.run_cmd('ipconfig'))
print(s.run_ps('ipconfig'))
https://book.hacktricks.xyz/pentesting/pentesting-winrm
"""
```
https://book.hacktricks.xyz/pentesting/pentesting-winrm
```