Skip to content
/ doublehop Public

A Tool to use PowerShell Remoting / WinRM to execute PowerShell commands on remote hosts through WinRM double hop technique.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

an00byss/doublehop

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
doublehop.go
doublehop.go
 
 
go.mod
go.mod
 
 

Repository files navigation

Doublehop

This tool aims to assist in using PowerShell Remoting / WinRM to execute PowerShell commands on remote hosts through WinRM double hop technique.

This tool assumes you have internal network and CLI access.

Usage

doublehop Usage():
    -c string
        Command we are executing.
    -j string
        Host we are executing command against.
    -l string
        Inital host we are jumping from.
    -m string
        Add hosts comma seperated. FORMAT: 'host1,host2'
    -p string
        Password for user
    -u string
        FORMAT: 'DOMAIN\USER' we are authenticating with.

Example

# Execute against single host:
doublehop.exe -u "acme.local\pwneduser" -p "MySecurePass" -l wks01.acme.local -j server1.acme.local -c ipconfig

# Execute against multiple jump systems:
doublehop.exe -u "acme.local\pwneduser" -p "MySecurePass" -l wks01.acme.local -m "server1.acme.local,server2.amce.local" -c ipconfig

Inspired by: Slayerlabs - Kerberos Double-Hop Workarounds

About

A Tool to use PowerShell Remoting / WinRM to execute PowerShell commands on remote hosts through WinRM double hop technique.

Topics

windows powershell winrm redteam pentration-testing

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages