💾 Archived View for freeshell.de › tldr › evil-winrm.gmi captured on 2023-07-10 at 14:27:32. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-04-28)

-=-=-=-=-=-=-

evil-winrm

Windows Remote Management (WinRM) shell for pentesting.

Once connected, we get a PowerShell prompt on the target host.

More information.

• Connect to a host:

evil-winrm --ip {ip} --user {user} --password {password}

• Connect to a host, passing the password hash:

evil-winrm --ip {ip} --user {user} --hash {nt_hash}

• Connect to a host, specifying directories for scripts and executables:

evil-winrm --ip {ip} --user {user} --password {password} --scripts {path/to/scripts} --executables {path/to/executables}

• Connect to a host, using SSL:

evil-winrm --ip {ip} --user {user} --password {password} --ssl --pub-key {path/to/pubkey} --priv-key {path/to/privkey}

• Upload a file to the host:

PS > upload {path/to/local/file} {path/to/remote/file}

• Get a list of loaded PowerShell functions:

PS > menu

• Load a PowerShell script from the `--scripts` directory:

PS > {script.ps1}

• Invoke a binary on the host from the `--executables` directory:

PS > Invoke-Binary {binary.exe}

Copyright © 2014—present the tldr-pages team and contributors.

This work is licensed under the Creative Commons Attribution 4.0 International License (CC-BY).

CC-BY