Title: [Article]-Video: Abusing Windows Remote Management (WinRM) with Metasploit
Post by: don on December 14, 2012, 11:56:34 AM
We normally wait a month before posting the video of our webcasts in an effort to encourage people to attend the live event. Considering the timely nature of the content of this particular attack and the numerous suggestions to release it early, here it is.
Permalink: [Article]-Video: Abusing Windows Remote Management (WinRM) with Metasploit (http://www.ethicalhacker.net/content/view/454/2/)
Entire Webcast Now Available!!
In this technical webinar for penetration testers originally delivered on Dec 4, 2012, David Maloney discussed how you can use Windows Remote Management and Windows Remote Shell to obtain a session on a host while avoiding detection through anti-virus solutions. Participants learned:
• Capabilities of Windows Remote Management (WinRM) and Windows Remote Shell (WinRS)
• Discovering hosts running these services
• Brute forcing the services to obtain passwords
• Running WMI Queries and running commands
• Getting and migrating shells to a more persistent process
David Maloney, a Software Engineer on Rapid7’s Metasploit team, is responsible for development of core features for the commercial Metasploit editions. Before Rapid7 (http://www.rapid7.com), he worked as a Security Engineer and Penetration Tester at Time Warner Cable and as an Application Security Specialist for a global insurance company. David has been a long-time community contributor to the Metasploit Framework. He is one of the founders of Hackerspace Charlotte and is an avid locksport enthusiast.
Title: Re: [Article]-Video: Abusing Windows Remote Management (WinRM) with Metasploit
Post by: hayabusa on December 14, 2012, 12:15:17 PM
Actually, glad you got this posted, as I missed it, last week.