The Ethical Hacker Network - [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

[Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« on: November 21, 2012, 03:22:09 PM »

Here's some more great content as Rapid7 and EH-Net join forces once again. Please help spread the word by following us on Twitter @ethicalhacker and RTing this and other items of interest.

Permalink: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Quote

Join us for a Free Webcast on Dec 4

In this technical webinar for penetration testers, David Maloney discusses how you can use Windows Remote Management and Windows Remote Shell to obtain a session on a host while avoiding detection through anti-virus solutions. Participants will learn about:

   • Capabilities of Windows Remote Management (WinRM) and Windows Remote Shell (WinRS)
   • Discovering hosts running these services
   • Brute forcing the services to obtain passwords
   • Running WMI Queries and running commands
   • Getting and migrating shells to a more persistent process

David Maloney, a Software Engineer on Rapid7’s Metasploit team, is responsible for development of core features for the commercial Metasploit editions. Before Rapid7, he worked as a Security Engineer and Penetration Tester at Time Warner Cable and as an Application Security Specialist for a global insurance company. David has been a long-time community contributor to the Metasploit Framework. He is one of the founders of Hackerspace Charlotte and is an avid locksport enthusiast.

Date: Tuesday December 4, 2012
Time: 1:00 PM - 2:00 PM CST

Register Now!

Even if you can't join us live, please register anyway to get details on the video!

See you there,
Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #1 on: November 28, 2012, 11:17:46 PM »

Less than a week until the live event. As a reminder, the webcast in its entirety will be recorded. So even if you can't attend the live event, please register anyway to be on the list of those automatically notified when the video is available.

As always, it is greatly appreciated when all of you EH-Netters help spread the word of our educational events.

See you next week,
Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

H1t M0nk3y

Hero Member

Offline

Posts: 865

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #2 on: November 29, 2012, 07:14:04 AM »

I like these videos Don, so thanks for doing this! Wink


	Logged

OSCP, GPEN, GWAPT, GSEC, CEH, CISSP

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #3 on: November 30, 2012, 12:52:18 PM »

You're quite welcome. I appreciate you letting us know, because sometimes one can live in their own ittle bubble and think that it's good but not really know for sure.

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #4 on: December 03, 2012, 09:33:15 AM »

Don't forget to join us tomorrow for some live hacking with Metasploit. It will be fun!

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #5 on: December 04, 2012, 11:49:38 AM »

C u in about 1 hour.

If you can't attend and have questions or have questions that didn't get answered during the live event, throw them in this thread.

See ya,
Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

ziggy_567

Sr. Member

Offline

Posts: 361

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #6 on: December 04, 2012, 12:14:34 PM »

Did the date for this change?

When I registered, I clicked on the "Import this event into your calendar" link and it showed up on my calendar for the 6th.

I'll still be attending, but I thought it odd.


	Logged

--
Ziggy

eCPPT - GSEC - GCIH - GCUX - RHCE - SCSecA - Security+ - Network+

mubix

Newbie

Offline

Posts: 6

Security Addict

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #7 on: December 04, 2012, 01:45:34 PM »

Awesome work @thelightcosine !


	Logged

H1t M0nk3y

Hero Member

Offline

Posts: 865

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #8 on: December 04, 2012, 02:00:22 PM »

I just missed it. I miscalculated the time zones by one hour and connected at the very end! Embarrassed

So Don, when will the recording be available?

I feel a bit dumb...

Thanks


	Logged

OSCP, GPEN, GWAPT, GSEC, CEH, CISSP

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #9 on: December 04, 2012, 02:29:36 PM »

I usually like to post the video about a month afterwards, so that there's incentive to register and attend the live event. But because of the holidays, I may do it this month.

My arm is ready for twisting. Wink

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

digitalvampire

Newbie

Offline

Posts: 23

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #10 on: December 04, 2012, 02:42:48 PM »

Don't feel bad, I just realized I did the same.. I was even watching a CST timer to make sure I the timing right this morning. Went to grab lunch and saw I was off an hour!


	Logged

m0wgli

Full Member

Offline

Posts: 248

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #11 on: December 04, 2012, 03:20:29 PM »

Quote from: H1t M0nk3y on November 29, 2012, 07:14:04 AM

I like these videos Don, so thanks for doing this! Wink

Totally agree with this, I enjoyed the Webcast tonight. I'll be researching this further.

As mentioned at the end, nobody knows everything! It's great that so many in the community are willing to share!


	Logged

Security + | OSWP | eCPPT | CSTA

H1t M0nk3y

Hero Member

Offline

Posts: 865

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #12 on: December 05, 2012, 07:17:07 AM »

Quote

My arm is ready for twisting.

Good! I have been practicing Jiu-Jitsu for years now and twisting arms is all we do!! Wink

@digitalvampire: It's good to see I am now the only one!!

This site is so much fun!


	Logged

OSCP, GPEN, GWAPT, GSEC, CEH, CISSP

digitalvampire

Newbie

Offline

Posts: 23

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #13 on: December 05, 2012, 10:16:51 AM »

I agree, I love this forum! I'm still mad I missed this, but I'm looking forward to seeing it uploaded... Thanks for bringing this to us!!

-DV


	Logged

m0wgli

Full Member

Offline

Posts: 248

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

« Reply #14 on: December 05, 2012, 10:54:52 AM »

If you haven't seen it already the post below is worth a read:

https://community.rapid7.com/community/metasploit/blog/2012/11/08/abusing-windows-remote-management-winrm-with-metasploit


	Logged

Security + | OSWP | eCPPT | CSTA

Pages: [1] 2 Go Up

« previous next »