Generated docs from job=generate-docs branch=master [ci skip]
@@ -70433,32 +70433,16 @@ lateral-movement:
|
||||
elevation_required: true
|
||||
- name: Remote Code Execution with PS Credentials Using Invoke-Command
|
||||
auto_generated_guid: 5295bd61-bd7e-4744-9d52-85962a4cf2d6
|
||||
description: |
|
||||
Execute Invoke-command on remote host.
|
||||
|
||||
Upon successful execution, powershell will execute whoami on specified remote host using `invoke-command`.
|
||||
description: "Simulate lateral movement with PowerShell Remoting on the local
|
||||
host. \nUpon successful execution, PowerShell will execute `whoami` using
|
||||
`Invoke-Command`, targeting the \nlocal machine as remote target.\n"
|
||||
supported_platforms:
|
||||
- windows
|
||||
input_arguments:
|
||||
username:
|
||||
description: The username running the powershell command
|
||||
type: string
|
||||
default: "$env:USERNAME"
|
||||
remotehost:
|
||||
description: The remote hostname of the machine you are running the powershell
|
||||
command on.
|
||||
type: string
|
||||
default: "$env:COMPUTERNAME"
|
||||
password:
|
||||
description: The password to be used with the user provided in the previous
|
||||
input argument.
|
||||
type: string
|
||||
default: test12345
|
||||
executor:
|
||||
command: |-
|
||||
$SecPassword = ConvertTo-SecureString "#{password}" -AsPlainText -Force
|
||||
$Cred = New-Object System.Management.Automation.PSCredential("#{username}", $SecPassword)
|
||||
Invoke-Command -ComputerName "#{remotehost}" -Credential $Cred -ScriptBlock {whoami}
|
||||
Enable-PSRemoting -Force
|
||||
Invoke-Command -ComputerName $env:COMPUTERNAME -ScriptBlock {whoami}
|
||||
cleanup_command: Disable-PSRemoting -Force
|
||||
name: powershell
|
||||
- name: WinRM Access with Evil-WinRM
|
||||
auto_generated_guid: efe86d95-44c4-4509-ae42-7bfd9d1f5b3d
|
||||
|
||||
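Review bot: In the executor block, `Enable-PSRemoting -Force` has to run from an elevated session, but the executor shown here carries only `command`, `cleanup_command` and `name`. Add `elevation_required: true` to this test in the source YAML so the runner and the generated docs flag it before execution. The test name also still says "with PS Credentials" although the command no longer passes `-Credential`; rename it in the source so the index entry matches what the test does.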
@@ -46,9 +46,9 @@ Enable-PSRemoting -Force
|
||||
<br/>
|
||||
|
||||
## Atomic Test #2 - Remote Code Execution with PS Credentials Using Invoke-Command
|
||||
Execute Invoke-command on remote host.
|
||||
|
||||
Upon successful execution, powershell will execute whoami on specified remote host using `invoke-command`.
|
||||
Simulate lateral movement with PowerShell Remoting on the local host.
|
||||
Upon successful execution, PowerShell will execute `whoami` using `Invoke-Command`, targeting the
|
||||
local machine as remote target.
|
||||
|
||||
**Supported Platforms:** Windows
|
||||
|
||||
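Review bot: The heading "Atomic Test #2 - Remote Code Execution with PS Credentials Using Invoke-Command" no longer matches the description under it, which now describes a local-host simulation with no credentials involved. Because this file is generated, fix the `name` field in the source YAML rather than this markdown. The description should also say that the test enables PowerShell Remoting on the host as a side effect, so anyone running it knows the host configuration changes.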
@@ -59,23 +59,19 @@ Upon successful execution, powershell will execute whoami on specified remote ho
|
||||
|
||||
|
||||
|
||||
#### Inputs:
|
||||
| Name | Description | Type | Default Value |
|
||||
|------|-------------|------|---------------|
|
||||
| username | The username running the powershell command | string | $env:USERNAME|
|
||||
| remotehost | The remote hostname of the machine you are running the powershell command on. | string | $env:COMPUTERNAME|
|
||||
| password | The password to be used with the user provided in the previous input argument. | string | test12345|
|
||||
|
||||
|
||||
#### Attack Commands: Run with `powershell`!
|
||||
|
||||
|
||||
```powershell
|
||||
$SecPassword = ConvertTo-SecureString "#{password}" -AsPlainText -Force
|
||||
$Cred = New-Object System.Management.Automation.PSCredential("#{username}", $SecPassword)
|
||||
Invoke-Command -ComputerName "#{remotehost}" -Credential $Cred -ScriptBlock {whoami}
|
||||
Enable-PSRemoting -Force
|
||||
Invoke-Command -ComputerName $env:COMPUTERNAME -ScriptBlock {whoami}
|
||||
```
|
||||
|
||||
#### Cleanup Commands:
|
||||
```powershell
|
||||
Disable-PSRemoting -Force
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
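Review bot: The cleanup block runs `Disable-PSRemoting -Force` unconditionally, so on a host where remoting was already enabled for management before the test, cleanup leaves it disabled. `Disable-PSRemoting` also does not stop the WinRM service or remove the listener and firewall exceptions that `Enable-PSRemoting` creates, so the host is not returned to its pre-test state either way. Suggest recording whether remoting was enabled before the attack command and reverting only what the test changed, or documenting the residual WinRM configuration next to the cleanup section.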