🩸
Pentesting Checklist
  • πŸ‘€General Checklist
    • πŸ‘οΈRecon & Scanning
      • Nmap Scan
    • 🌑️Services
      • SSH
      • FTP
      • Samba
      • Git
      • SNMP
    • βš™οΈReverse Engineering
      • General
      • Android apks
      • Windows Exe or .net binaries
  • 🐞Web Application Checklist
    • 🧠Web App Attack Techniques
      • Password Smuggling Attack
    • 😍Fuzzing with ffuf
    • πŸ’„Directory Fuzzing
      • Using the tools
      • Wordlists to use
    • πŸ‘ΎSubdomain Fuzzing
      • Normal fuzzing
      • Finding through DNS
    • 🎯LFI/RCE
      • LFI
        • What to do once obtained
      • RCE
      • Misc
  • β˜•Linux Checklist
    • Page 2
  • πŸͺŸWindows Checklist
    • πŸ’€Windows Connection Methods
  • πŸ–‡οΈTips & Tricks
    • Transferring Files
      • 🐧Linux
      • πŸ“ΈWindows
    • Pivoting / Lateral Movement Techniques
      • proxychains
      • chisel
      • sshuttle
      • ligolo-ng
    • 🧩Fuzzing
    • πŸ™ƒCredential Brute-Forcing
  • πŸ’Other useful resources:
    • Page 7
Powered by GitBook
On this page
  1. Windows Checklist

Windows Connection Methods

PreviousPage 2NextTransferring Files

Last updated 2 years ago

  • If port 3389 is open or a rdp port is open connect using xfreerdp:

    • xfreerdp /u:username /p:password /cert:ignore /v:ip

  • If port 5985 is open or a winrm port is open connect using evil-winrm:

    • evil-winrm -u username -p 'password' -i <IP>/<Domain>

  • Another way?

    • winexe -U β€˜username%password' //ip_of_remote cmd.exe

πŸͺŸ
πŸ’€
https://book.hacktricks.xyz/network-services-pentesting/5985-5986-pentesting-winrm