Enumeration Cheatsheets

Enumerating WinRM (Port 5985)

This post intends to provide a list of helpful commands and tools that you can use when enumerating Port 5985 on a machine. This list is far from exhaustive and will be updated as time progresses.

Getting a Shell w/ EvilWinRM

You can download this tool from Github at the following location.

With that tool in hand, we can run the following command to gain a shell as long as you know valid user credentials.

./evil-winrm.rb -u <userAccount> -p <userPassword> -i <targetIP>

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s