[tags]winrm,windows,kerberos,authentication,privesc[/tags]
[short_descr]The ultimate WinRM shell for hacking/pentesting.[/short_descr]
[link] https://github.com/Hackplayers/evil-winrm [/link]
[long_descr]
WinRM (Windows Remote Management) is the Microsoft implementation of the WS-Management Protocol, a standard SOAP-based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their operating systems to make life easier for system administrators.
Features:
Compatible with Linux and Windows client systems
Load PowerShell scripts in memory
Load DLL files in memory, bypassing some AVs
Load C# (C Sharp) assemblies in memory, bypassing some AVs
Load x64 payloads generated with the awesome donut technique
Dynamic AMSI Bypass to avoid AV signatures
Pass-the-hash support
Kerberos auth support
SSL and certificates support
Upload and download files showing progress bar
List remote machine services without privileges
Command History
WinRM command completion
Local files/directories completion
Remote path (files/directories) completion (can be disabled optionally)
Colorization on prompt and output messages (can be disabled optionally)
Optional logging feature
Docker support (prebuilt images available at Docker Hub)