evil-winrm

Windows Remote Management (WinRM) shell for pentesting.

TLDR

Connect to a host

$ evil-winrm --ip [ip] --user [user] --password [password]
copy

Connect to a host, passing the password hash

$ evil-winrm --ip [ip] --user [user] --hash [nt_hash]
copy

Connect to a host, specifying folders for scripts and executables

$ evil-winrm --ip [ip] --user [user] --password [password] --scripts [path/to/scripts] --executables [path/to/executables]
copy

Connect to a host, using SSL

$ evil-winrm --ip [ip] --user [user] --password [password] --ssl --pub-key [path/to/pubkey] --priv-key [path/to/privkey]
copy

Upload a file to the host

$ PS > upload [path/to/local/file] [path/to/remote/file]
copy

Get a list of loaded PowerShell functions

$ PS > menu
copy

Load a PowerShell script from the --scripts folder

$ PS > [script.ps1]
copy

Invoke a binary on the host from the --executables folder

$ PS > Invoke-Binary [binary.exe]
copy

Copied to clipboard
free 100$ digital ocean credit