Remote Code Execution

From RCATs
Revision as of 11:46, 19 September 2023 by Ali3nw3rx

Remote Code Execution Options[1]

#WMI
wmic /node:COMPUTER /user:DOMAIN\USER /password:PASSWORD process call create "COMMAND"

#PowerShell (WMI)
Invoke-WmiMethod -Class Win32_Process -Name Create -ArgumentList $COMMAND -ComputerName $COMPUTER -Credential $CRED

#WinRM
winrs -r:COMPUTER COMMAND

#PowerShell Remoting
Invoke-Command -ComputerName $COMPUTER -Command { $COMMAND }
New-PSSession -Name PSCOMPUTER -ComputerName $COMPUTER; Enter-PSSession -Name PSCOMPUTER
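
A defender-side view of the methods above, as an added example that is not part of the original page: on the target, each method spawns its child process under a characteristic host (WmiPrvSE.exe for WMI process creation, winrshost.exe for winrs, wsmprovhost.exe for PowerShell Remoting), so process-creation telemetry can be triaged by parent image. The events are constructed samples using Sysmon Event ID 1 field names, and the function, host and account names are hypothetical.

```python
import ntpath

# Host process that spawns the child on the target for each method listed above.
REMOTE_EXEC_PARENTS = {
    "wmiprvse.exe": "WMI (Win32_Process Create)",
    "winrshost.exe": "WinRM (winrs)",
    "wsmprovhost.exe": "PowerShell Remoting",
}


def classify(event):
    """Return the remote-execution channel implied by the parent image, or None."""
    # ntpath parses Windows paths correctly even when the analysis box is not Windows.
    parent = ntpath.basename(event.get("ParentImage", "")).lower()
    return REMOTE_EXEC_PARENTS.get(parent)


def triage(events):
    """Return (channel, computer, user, command line) for each event worth reviewing."""
    hits = []
    for ev in events:
        channel = classify(ev)
        if channel:
            hits.append((channel, ev["Computer"], ev["User"], ev["CommandLine"]))
    return hits


def _ev(computer, user, parent, cmdline):
    # Helper for the constructed samples below (hypothetical hosts and accounts).
    return {"Computer": computer, "User": user, "ParentImage": parent, "CommandLine": cmdline}


# Constructed sample events using Sysmon Event ID 1 field names; not real telemetry.
SAMPLE_EVENTS = [
    _ev("SRV01", r"LAB\alice", r"C:\Windows\System32\wbem\WmiPrvSE.exe", "cmd.exe /c whoami"),
    _ev("SRV01", r"LAB\alice", r"C:\Windows\System32\winrshost.exe", "cmd.exe /C ipconfig"),
    _ev("SRV02", r"LAB\bob", r"C:\Windows\System32\wsmprovhost.exe", "hostname.exe"),
    _ev("WKS07", r"LAB\carol", r"C:\Windows\explorer.exe", "notepad.exe"),
]

if __name__ == "__main__":
    for channel, computer, user, cmdline in triage(SAMPLE_EVENTS):
        print(f"{computer}: {channel} by {user}: {cmdline}")
```

WmiPrvSE.exe also starts children for legitimate management tooling, so hits need a per-environment baseline before alerting. PowerShell Remoting sessions that run only cmdlets stay inside wsmprovhost.exe and create no child process, so pair this with PowerShell script block logging (Event ID 4104).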

References: