WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object

A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.

Background

For background information, please refer to the following blog write-up: WS-Management COM: Another Approach for WinRM Lateral Movement

Notes

  • SharpWSManWinRM.cs and CppWsManWinRM.cpp compile in Visual Studio 2019. Refer to the code comments for required imports, references, etc.
  • All examples leverage the WMI Win32_Process class and the WMI Create method for invocation.
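
For defenders, the invocation path noted above leaves two kinds of process telemetry that can be triaged. The following is an added example, not code from the WSMan-WinRM project. It assumes (not stated on the page) that processes started through Win32_Process Create appear on the target as children of WmiPrvSE.exe and that the WSMan.Automation COM object is served by WsmAuto.dll; the events, host names and the EXPECTED_LOADERS allowlist are constructed for illustration.

```python
# Added example: triage Sysmon-style events for WSMan.Automation / Win32_Process Create activity.
import ntpath

# Constructed sample events (not captured from a real host); field names follow
# Sysmon Event ID 1 (process creation) and Event ID 7 (image load).
SAMPLE_EVENTS = [
    {"EventID": 1, "Host": "SRV01", "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\System32\wbem\WmiPrvSE.exe"},
    {"EventID": 1, "Host": "SRV01", "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 7, "Host": "WKS07", "Image": r"C:\Windows\System32\cscript.exe",
     "ImageLoaded": r"C:\Windows\System32\WsmAuto.dll"},
    {"EventID": 7, "Host": "WKS07", "Image": r"C:\Windows\System32\cscript.exe",
     "ImageLoaded": r"C:\Windows\System32\vbscript.dll"},
    {"EventID": 7, "Host": "WKS09", "Image": r"C:\Tools\Admin\approved.exe",
     "ImageLoaded": r"C:\Windows\System32\wsmauto.dll"},
]

# Assumption: hypothetical allowlist of loaders your environment expects (tune locally).
EXPECTED_LOADERS = {"approved.exe"}


def _base(path):
    """Lower-cased file name of a Windows path, independent of the analysis OS."""
    return ntpath.basename(path or "").lower()


def wmi_spawned(events):
    """Target side: process creations whose parent is the WMI provider host."""
    return [e for e in events
            if e.get("EventID") == 1 and _base(e.get("ParentImage")) == "wmiprvse.exe"]


def wsman_com_loaders(events, expected=EXPECTED_LOADERS):
    """Source side: processes outside the allowlist that load the WSMan.Automation DLL."""
    return [e for e in events
            if e.get("EventID") == 7
            and _base(e.get("ImageLoaded")) == "wsmauto.dll"
            and _base(e.get("Image")) not in expected]


if __name__ == "__main__":
    for e in wmi_spawned(SAMPLE_EVENTS):
        print(f"[target] {e['Host']}: {e['Image']} spawned by WmiPrvSE.exe")
    for e in wsman_com_loaders(SAMPLE_EVENTS):
        print(f"[source] {e['Host']}: {e['Image']} loaded WsmAuto.dll")
```

Both signals also occur during legitimate administration, so treat hits as triage leads and correlate them with the WinRM logon on the target before escalating.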

Usage

SharpWSManWinRM.cs

Usage: SharpWSManWinRM.exe <hostname> <command>
Usage: SharpWSManWinRM.exe <hostname> <command> <domain\user> <password>

Example: SharpWSManWinRM.exe host.domain.local notepad.exe
Example: SharpWSManWinRM.exe host.domain.local "cmd /c notepad.exe" domain\joe.user P@ssw0rd

WSManWinRM.ps1

Usage: Invoke-WSManWinRM -hostname <hostname> -command <command>
Usage: Invoke-WSManWinRM -hostname <hostname> -command <command> -user <domain\user> -password <password>

Example: import-module .\WSManWinRM.ps1
Invoke-WSManWinRM -hostname MyServer.domain.local -command calc.exe
Example: import-module .\WSManWinRM.ps1
Invoke-WSManWinRM -hostname MyServer.domain.local -command calc.exe -user domain\joe.user -password P@ssw0rd

WSManWinRM.vbs

Usage: cscript.exe SharpWSManWinRM.vbs <hostname> <command>
Usage: cscript.exe SharpWSManWinRM.vbs <hostname> <command> <domain\user> <password>

Example: cscript.exe SharpWSManWinRM.vbs host.domain.local notepad.exe
Example: cscript.exe SharpWSManWinRM.vbs host.domain.local "cmd /c notepad.exe" domain\joe.user P@ssw0rd

WSManWinRM.js

Usage: cscript.exe SharpWSManWinRM.js <hostname> <command>
Usage: cscript.exe SharpWSManWinRM.js <hostname> <command> <domain\user> <password>

Example: cscript.exe SharpWSManWinRM.js host.domain.local notepad.exe
Example: cscript.exe SharpWSManWinRM.js host.domain.local "cmd /c notepad.exe" domain\joe.user P@ssw0rd

CppWSManWinRM.cpp

Usage: CppWSManWinRM.exe <hostname> <command>

Example: CppWSManWinRM.exe host.domain.local notepad.exe

Note: The username/password option does not work yet.

Ethics

WSMan-WinRM is designed to help security professionals perform ethical and authorized security assessments and penetration tests. Do not use for nefarious purposes.
