Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] one page modified

Browse source
This commit is contained in:
CPol 2020-07-15 21:54:12 +00:00 committed by gitbook-bot
parent 7d9c2e77ed
commit 28c92fde10
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pentesting/5985-5986-pentesting-winrm.md
View file

@ -7,14 +7,14 @@ description: >-
## WinRM
[Windows Remote Management](https://msdn.microsoft.com/en-us/library/windows/desktop/aa384426%28v=vs.85%29.aspx) \(WinRM\) is a Microsoft protocol that allows remote management of Windows machines over HTTP\(S\) using SOAP. On the backend it's utilizing WMI, so you can think of it as an HTTP based API for WMI.
[Windows Remote Management](https://msdn.microsoft.com/en-us/library/windows/desktop/aa384426%28v=vs.85%29.aspx) \(WinRM\) is a Microsoft protocol that **allows remote management of Windows machines** over HTTP\(S\) using SOAP. On the backend it's utilising WMI, so you can think of it as an HTTP based API for WMI.
If WinRM is enabled on the machine, it's trivial to remotely administer the machine from PowerShell. In fact, you can just drop in to a remote PowerShell session on the machine \(as if you were using SSH!\)
The easiest way to detect whether WinRM is available is by seeing if the port is opened. WinRM will listen on one of two ports:
* 5985/tcp \(HTTP\)
* 5986/tcp \(HTTPS\)
* **5985/tcp \(HTTP\)**
* **5986/tcp \(HTTPS\)**
If one of these ports is open, WinRM is configured and you can try entering a remote session.