Remote Code Execution

From RCATs

Remote Code Execution Options[1]

#WMI
Wmic /node:COMPUTER/user:DOMAIN\USER /password:PASSWORD process call create COMMAND

#PowerShell (WMI)
Invoke-WMIMethod -Class Win32_Process -Name Create ArgumentList $COMMAND ComputerName $COMPUTER -Credential $CRED

#WinRM
winrs r:COMPUTER COMMAND

#PowerShell Remoting
Invoke-Command computername $COMPUTER -command { $COMMAND}
New-PSSession -Name PSCOMPUTER ComputerName $COMPUTER; Enter-PSSession -Name PSCOMPUTER


References: