WinRM Authentication

Testing credentials

#~ nxc winrm -u user -p password

Expected Results:

WINRM 5985   ROGER            [*]
WINRM 5985   ROGER            [+] GOLD\user:password (Pwn3d!)

If the SMB port is closed you can also use the flag -d DOMAIN to avoid an SMB connection

#~ nxc winrm -u user -p password -d DOMAIN

Expected Results:

WINRM 5985  [*]
WINRM 5985  [+] GOLD\user:password (Pwn3d!)


Monteverde machine is a good example to test WinRM procotol with NetExec

Last updated