metasploit-framework/modules/exploits/windows/winrm
..
winrm_script_exec.rb