Documentation on winrm_script_exec updated 1.3
parent
d22e43dedd
commit
90744b0162
|
@ -3,11 +3,11 @@
|
||||||
WinRM, is a Windows-native built-in remote management protocol in its simplest form that uses Simple Object Access Protocol to interface with remote computers and servers, as well as Operating Systems and applications. It handles remote connections by means of the WS-Management Protocol, which is based on SOAP (Simple Object Access Protocol).
|
WinRM, is a Windows-native built-in remote management protocol in its simplest form that uses Simple Object Access Protocol to interface with remote computers and servers, as well as Operating Systems and applications. It handles remote connections by means of the WS-Management Protocol, which is based on SOAP (Simple Object Access Protocol).
|
||||||
This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. This module will check if Poweshell 2.0 is available, and if so then it will use that method. Otherwise it falls back to the VBS CmdStager which is less stealthy.
|
This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. This module will check if Poweshell 2.0 is available, and if so then it will use that method. Otherwise it falls back to the VBS CmdStager which is less stealthy.
|
||||||
|
|
||||||
**IMPORTANT:-** If targetting an x64 system with the Poweshell method, one must select an x64 payload. An x86 payload will never return.
|
**IMPORTANT:** If targetting an x64 system with the Poweshell method, one must select an x64 payload. An x86 payload will never return.
|
||||||
|
|
||||||
## Example Usage
|
### Example Usage
|
||||||
|
|
||||||
## Windows 2008
|
### Windows 2008
|
||||||
|
|
||||||
**Powershell 2.0 is used for payload delivery here**
|
**Powershell 2.0 is used for payload delivery here**
|
||||||
|
|
||||||
|
@ -54,7 +54,7 @@ meterpreter >
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
**In case the VBS CmdStager is used for payload delivery here**
|
**VBS CmdStager is used for payload delivery here**
|
||||||
|
|
||||||
```
|
```
|
||||||
msf exploit(handler) > use exploit/windows/winrm/winrm_script_exec
|
msf exploit(handler) > use exploit/windows/winrm/winrm_script_exec
|
||||||
|
|
Loading…
Reference in New Issue