| description |
|---|
Windows Remote Management (WinRM) is a remote management tool that allows a user to connect to a remote machine via command-line interface (CLI). |
- Provides remote access to Windows machines.
- With password OR hash.
- Remember that when we see these ports open, we will have a 99% chance of utilizing Evil-WinRM to connect to the box.
-
Use the —laps option with CrackMapExec.
crackmapexec winrm 192.168.1.0/24 -u user -p password --laps
crackmapexec winrm 192.168.1.0/24 -u usernames -p passwords --no-bruteforcecrackmapexec winrm 192.168.1.0/24 -u user -p passwordEvil-WinRM (Tool)
CrackMapExec