.

[Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Nov 21, 2012 4:22 pm

[Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Here's some more great content as Rapid7 and EH-Net join forces once again. Please help spread the word by following us on Twitter @ethicalhacker and RTing this and other items of interest.

Permalink: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit


Join us for a Free Webcast on Dec 4

Image


In this technical webinar for penetration testers, David Maloney discusses how you can use Windows Remote Management and Windows Remote Shell to obtain a session on a host while avoiding detection through anti-virus solutions. Participants will learn about:

• Capabilities of Windows Remote Management (WinRM) and Windows Remote Shell (WinRS)
• Discovering hosts running these services
• Brute forcing the services to obtain passwords
• Running WMI Queries and running commands
• Getting and migrating shells to a more persistent process

David Maloney, a Software Engineer on Rapid7’s Metasploit team, is responsible for development of core features for the commercial Metasploit editions. Before Rapid7, he worked as a Security Engineer and Penetration Tester at Time Warner Cable and as an Application Security Specialist for a global insurance company. David has been a long-time community contributor to the Metasploit Framework. He is one of the founders of Hackerspace Charlotte and is an avid locksport enthusiast.

Date:  Tuesday December 4, 2012
Time:  1:00 PM - 2:00 PM CST


Image[br /]
Register Now!

Even if you can't join us live, please register anyway to get details on the video!




See you there,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Nov 29, 2012 12:17 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Less than a week until the live event. As a reminder, the webcast in its entirety will be recorded. So even if you can't attend the live event, please register anyway to be on the list of those automatically notified when the video is available.

As always, it is greatly appreciated when all of you EH-Netters help spread the word of our educational events.

See you next week,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Nov 29, 2012 8:14 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

I like these videos Don, so thanks for doing this!  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Nov 30, 2012 1:52 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

You're quite welcome. I appreciate you letting us know, because sometimes one can live in their own ittle bubble and think that it's good but not really know for sure.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Dec 03, 2012 10:33 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Don't forget to join us tomorrow for some live hacking with Metasploit. It will be fun!

Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Dec 04, 2012 12:49 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

C u in about 1 hour.

If you can't attend and have questions or have questions that didn't get answered during the live event, throw them in this thread.

See ya,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

ziggy_567

User avatar

Sr. Member
Sr. Member

Posts: 378

Joined: Tue Dec 30, 2008 1:53 pm

Post Tue Dec 04, 2012 1:14 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Did the date for this change?

When I registered, I clicked on the "Import this event into your calendar" link and it showed up on my calendar for the 6th.

I'll still be attending, but I thought it odd.
--
Ziggy


eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
<<

mubix

User avatar

Newbie
Newbie

Posts: 6

Joined: Mon Dec 29, 2008 9:40 am

Post Tue Dec 04, 2012 2:45 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Awesome work @thelightcosine !
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Dec 04, 2012 3:00 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

I just missed it. I miscalculated the time zones by one hour and connected at the very end!  :-[

So Don, when will the recording be available?

I feel a bit dumb...

Thanks
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Dec 04, 2012 3:29 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

I usually like to post the video about a month afterwards, so that there's incentive to register and attend the live event. But because of the holidays, I may do it this month.

My arm is ready for twisting.  ;)

Don
CISSP, MCSE, CSTA, Security+ SME
<<

digitalvampire

Newbie
Newbie

Posts: 23

Joined: Wed Mar 07, 2012 7:49 am

Post Tue Dec 04, 2012 3:42 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

Don't feel bad, I just realized I did the same.. I was even watching a CST timer to make sure I the timing right this morning.  Went to grab lunch and saw I was off an hour!
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Tue Dec 04, 2012 4:20 pm

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

H1t M0nk3y wrote:I like these videos Don, so thanks for doing this!  ;)


Totally agree with this, I enjoyed the Webcast tonight. I'll be researching this further.

As mentioned at the end, nobody knows everything! It's great that so many in the community are willing to share!  :)
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Dec 05, 2012 8:17 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

My arm is ready for twisting.

Good! I have been practicing Jiu-Jitsu for years now and twisting arms is all we do!!  ;)

@digitalvampire: It's good to see I am now the only one!!

This site is so much fun!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

digitalvampire

Newbie
Newbie

Posts: 23

Joined: Wed Mar 07, 2012 7:49 am

Post Wed Dec 05, 2012 11:16 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

I agree, I love this forum!  I'm still mad I missed this, but I'm looking forward to seeing it uploaded... Thanks for bringing this to us!! :)

-DV
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Wed Dec 05, 2012 11:54 am

Re: [Article]-Webcast: Abusing Windows Remote Management (WinRM) with Metasploit

If you haven't seen it already the post below is worth a read:

https://community.rapid7.com/community/ ... metasploit
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
Next

Return to Special Events

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software