infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Documentation on winrm_script_exec updated 1.3

bug/bundler_fix
itsmeroy2012 2017-03-19 23:31:30 +05:30
parent d22e43dedd
commit 90744b0162
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
documentation/modules/exploit/winrm/winrm_script_exec.md
View File

@ -3,11 +3,11 @@
WinRM, is a Windows-native built-in remote management protocol in its simplest form that uses Simple Object Access Protocol to interface with remote computers and servers, as well as Operating Systems and applications. It handles remote connections by means of the WS-Management Protocol, which is based on SOAP (Simple Object Access Protocol).
This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2.0 and VBS CmdStager. This module will check if Poweshell 2.0 is available, and if so then it will use that method. Otherwise it falls back to the VBS CmdStager which is less stealthy.
**IMPORTANT:-** If targetting an x64 system with the Poweshell method, one must select an x64 payload. An x86 payload will never return.
**IMPORTANT:** If targetting an x64 system with the Poweshell method, one must select an x64 payload. An x86 payload will never return.
## Example Usage
### Example Usage
## Windows 2008
### Windows 2008
**Powershell 2.0 is used for payload delivery here**
@ -54,7 +54,7 @@ meterpreter >
```
**In case the VBS CmdStager is used for payload delivery here**
**VBS CmdStager is used for payload delivery here**
```
msf exploit(handler) > use exploit/windows/winrm/winrm_script_exec