|
Title: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on November 21, 2012, 03:22:09 PM Here's some more great content as Rapid7 and EH-Net join forces once again. Please help spread the word by following us on Twitter @ethicalhacker and RTing this and other items of interest.
Permalink: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit (http://www.ethicalhacker.net/content/view/452/2/) Quote Join us for a Free Webcast on Dec 4 (http://www.ethicalhacker.net/images/stories/sponsors/rapid7/rapid7_logo.jpg) (http://www.rapid7.com/) In this technical webinar for penetration testers, David Maloney discusses how you can use Windows Remote Management and Windows Remote Shell to obtain a session on a host while avoiding detection through anti-virus solutions. Participants will learn about: • Capabilities of Windows Remote Management (WinRM) and Windows Remote Shell (WinRS) • Discovering hosts running these services • Brute forcing the services to obtain passwords • Running WMI Queries and running commands • Getting and migrating shells to a more persistent process David Maloney, a Software Engineer on Rapid7’s Metasploit team, is responsible for development of core features for the commercial Metasploit editions. Before Rapid7 (http://www.rapid7.com), he worked as a Security Engineer and Penetration Tester at Time Warner Cable and as an Application Security Specialist for a global insurance company. David has been a long-time community contributor to the Metasploit Framework. He is one of the founders of Hackerspace Charlotte and is an avid locksport enthusiast. Date: Tuesday December 4, 2012 Time: 1:00 PM - 2:00 PM CST (http://www.ethicalhacker.net/images/stories/features/specialevents/webinar_button_registernow.gif) (https://www2.gotomeeting.com/register/515873034) Register Now! (https://www2.gotomeeting.com/register/515873034) Even if you can't join us live, please register anyway to get details on the video! See you there, Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on November 28, 2012, 11:17:46 PM Less than a week until the live event. As a reminder, the webcast in its entirety will be recorded. So even if you can't attend the live event, please register anyway to be on the list of those automatically notified when the video is available.
As always, it is greatly appreciated when all of you EH-Netters help spread the word of our educational events. See you next week, Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: H1t M0nk3y on November 29, 2012, 07:14:04 AM I like these videos Don, so thanks for doing this! ;)
Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on November 30, 2012, 12:52:18 PM You're quite welcome. I appreciate you letting us know, because sometimes one can live in their own ittle bubble and think that it's good but not really know for sure.
Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on December 03, 2012, 09:33:15 AM Don't forget to join us tomorrow for some live hacking with Metasploit. It will be fun!
Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on December 04, 2012, 11:49:38 AM C u in about 1 hour.
If you can't attend and have questions or have questions that didn't get answered during the live event, throw them in this thread. See ya, Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: ziggy_567 on December 04, 2012, 12:14:34 PM Did the date for this change?
When I registered, I clicked on the "Import this event into your calendar" link and it showed up on my calendar for the 6th. I'll still be attending, but I thought it odd. Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: mubix on December 04, 2012, 01:45:34 PM Awesome work @thelightcosine !
Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: H1t M0nk3y on December 04, 2012, 02:00:22 PM I just missed it. I miscalculated the time zones by one hour and connected at the very end! :-[
So Don, when will the recording be available? I feel a bit dumb... Thanks Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on December 04, 2012, 02:29:36 PM I usually like to post the video about a month afterwards, so that there's incentive to register and attend the live event. But because of the holidays, I may do it this month.
My arm is ready for twisting. ;) Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: digitalvampire on December 04, 2012, 02:42:48 PM Don't feel bad, I just realized I did the same.. I was even watching a CST timer to make sure I the timing right this morning. Went to grab lunch and saw I was off an hour!
Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: m0wgli on December 04, 2012, 03:20:29 PM I like these videos Don, so thanks for doing this! ;) Totally agree with this, I enjoyed the Webcast tonight. I'll be researching this further. As mentioned at the end, nobody knows everything! It's great that so many in the community are willing to share! :) Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: H1t M0nk3y on December 05, 2012, 07:17:07 AM Quote My arm is ready for twisting. Good! I have been practicing Jiu-Jitsu for years now and twisting arms is all we do!! ;)@digitalvampire: It's good to see I am now the only one!! This site is so much fun! Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: digitalvampire on December 05, 2012, 10:16:51 AM I agree, I love this forum! I'm still mad I missed this, but I'm looking forward to seeing it uploaded... Thanks for bringing this to us!! :)
-DV Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: m0wgli on December 05, 2012, 10:54:52 AM If you haven't seen it already the post below is worth a read:
https://community.rapid7.com/community/metasploit/blog/2012/11/08/abusing-windows-remote-management-winrm-with-metasploit Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on December 05, 2012, 11:29:59 AM Here's the slide deck (http://www.ethicalhacker.net/images/stories/features/specialevents/abusingwinrm/abusingwinrm_cosinedeck_12-04-2012.pptx). Not the useless one I did but the meat of the preso by David Maloney.
Don Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: m0wgli on December 05, 2012, 04:00:32 PM Thanks for sharing these so quickly. :)
Title: Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit Post by: don on December 14, 2012, 12:24:06 PM Video of entire preso and Q&A now available:
http://www.ethicalhacker.net/content/view/454/2/ Don
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |