ctome
/
tldr
mirror of https://github.com/CrimsonTome/tldr.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

evil-winrm: add page (#3956) 

Co-authored-by: Zlatan Vasović <zlatanvasovic@gmail.com>
client-spec/clarity
Alex 2020-04-06 12:59:55 +02:00 committed by GitHub
parent acb8af9307
commit 0b4f5233af
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
pages/common/evil-winrm.md Normal file
View File

@ -0,0 +1,37 @@
# evil-winrm
> Windows Remote Management (WinRM) shell for pentesting.
> Once connected, we get a PowerShell prompt on the target host.
> More information: <https://github.com/Hackplayers/evil-winrm>.
- Connect to a host:
`evil-winrm --ip {{ip}} --user {{user}} --password {{password}}`
- Connect to a host, passing the password hash:
`evil-winrm --ip {{ip}} --user {{user}} --hash {{nt_hash}}`
- Connect to a host, specifying folders for scripts and executables:
`evil-winrm --ip {{ip}} --user {{user}} --password {{password}} --scripts {{path/to/scripts}} --executables {{path/to/executables}}`
- Connect to a host, using SSL:
`evil-winrm --ip {{ip}} --user {{user}} --password {{password}} --ssl --pub-key {{path/to/pubkey}} --priv-key {{path/to/privkey}}`
- Upload a file to the host:
`PS > upload {{path/to/local/file}} {{path/to/remote/file}}`
- Get a list of loaded PowerShell functions:
`PS > menu`
- Load a PowerShell script from the `--scripts` folder:
`PS > {{script.ps1}}`
- Invoke a binary on the host from the `--executables` folder:
`PS > Invoke-Binary {{binary.exe}}`