Dave-ee Jones Posted December 4, 2017 Share Posted December 4, 2017 Hoi! So here's a quick payload idea.. Plug BB into victim PC and enable remote connection on PS: Enable-PSRemoting -Force Set-Item wsman:\localhost\client\trusthosts "172.16.16.*" Head to another PC and launch remote PS commands (your laptop on the same network, maybe?): Enter-PSSession -ComputerName "George" Might work on the payload tomorrow or something, get a quick version going. I just posted to see what others could come up with or just have a Devil's Advocate try and stump me (probably not hard in this case). Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted December 4, 2017 Share Posted December 4, 2017 Hmm, been awhile since I enable PSRemoting. I do not recall but after enabling does the machine usually require a reboot? If not, there is actually a even more hidden idea. WMI trigger to enable psremoting and allow your IP when some external event that you can control happens on the network or with a service on the machine. Use bunny to create trigger and now there is no psremote port open. Trigger WMI event from another machine so psremoting is enabled and then connect. When done you may can have an event to shut it back down too. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.