Skip to content
/ winrm_kerb_shell Public

Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine, relaying on a valid Kerberos ticket. (Very useful with Golden Tickets)

16 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Sh11td0wn/winrm_kerb_shell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
winrm_kerb_shell.rb
winrm_kerb_shell.rb
 
 

Repository files navigation

winrm_kerb_shell

Description

Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine,
relaying on a valid Kerberos ticket. (Very useful with Golden Tickets)

### ATTENTION ###

Make sure you have your kerberos ticket properly configured,
either setting the KRB5CCNAME variable or copying and renaming it to '/tmp/krb5cc_0'

Example:

export KRB5CCNAME='/foo/bar/ticket.ccache'
or
cp -v /foo/bar/ticket.ccache /tmp/krb5cc_0

Also, make sure you can resolve all domain involved names.

Usage: ./winrm_kerb_shell.rb [options]

Example:
./winrm_kerb_shell.rb -s fooserver.contoso.com -r CONTOSO.COM

Obs. Options --server, and --realm are REQUIRED!

Options:

-h, --help                       Show this help message
-s, --server SERVER              The server FQDN.
-r, --realm DOMAIN               The realm name. (UPPERCASE)

      *** Do NOT use this for illegal or malicious use ***                     
  By running this, YOU are using this program at YOUR OWN RISK.                 
This software is provided "as is", WITHOUT ANY guarantees OR warranty.

About

Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine, relaying on a valid Kerberos ticket. (Very useful with Golden Tickets)

Resources

Readme
Activity

Stars

16 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages