CSbyGB - Pentips

CS By GB - PenTips
- Welcome to CSbyGB's Pentips
Networking, Protocols and Network pentest
- Basics
- DNS
- FTP
- HTTP & HTTPS
- IMAP
- IPMI
- MSSQL
- MYSQL
- NFS
- Oracle TNS
- POP3
- RDP
- RPC
- Rservices
- Rsync
- SMB
- SMTP
- SNMP
- SSH
- Winrm
- WMI
Ethical Hacking - General Methodology
External Pentest
- External Pentest
Web Pentesting
Mobile App Pentest
- Android
- IOS
Wireless Pentest
- Wireless pentest
Cloud Pentest
Thick Client Pentest
- Thick Client
Hardware Pentest
- ATM
- IoT
Secure Code Review
- Secure code review
- Java notes for Secure Code Review
AI Pentest
Checklist
Tools
VM and Labs
- General tips
- Setup your pentest lab
Linux
Windows
Programming
Binary Exploitation
OSINT
Pentester hardware toolbox
Post Exploitation
Reporting
- How to report your findings
Red Team
Writeups
Digital skills
Durable skills
- Durable skills wheel/Roue des compétences durables
Projects
- Projects
  - Technical Projects
  - General Projects
Talks
Resources
- A list of random resources

Powered by GitBook

On this page

Install evil-winrm:
Get shell after successful enumeration
Using a password
Using an hash
Resources

Evil Winrm

PreviousNuclei NextMetasploit

Last updated 2 years ago

Install evil-winrm:

sudo gem install evil-winrm

Get shell after successful enumeration

Using a password

evil-winrm -i <target-ip> -u <username> -p <password-with-quotes>
Example evil-winrm -i 10.10.10.172 -u mhope -p '4n0therD4y@n0th3r$'

Using an hash

evil-winrm -i <target-ip> -u <username> -H HASH
Example evil-winrm -i 10.0.0.20 -u user -H BD1C6503987F8FF006296118F359FA79

Note with an hash like this aad3b435b51404eeaad3b435b51404ee:823452073d75b9d1cf70ebdf86c7f98e we use the second part to be able to connect so this 823452073d75b9d1cf70ebdf86c7f98e It should work both with and without quotes

Resources