jaccostraathof

evil-winrm

evil-winrm

install on Ubuntu 24.04.2 LTS

 

1st : sudo apt install ruby-rubygems

bolke@js-srv01:~$ sudo apt  install ruby-rubygems
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  fonts-lato libruby libruby3.2 rake ruby ruby-net-telnet ruby-sdbm ruby-webrick ruby-xmlrpc ruby3.2 rubygems-integration
  unzip zip
Suggested packages:
  ri ruby-dev bundler
The following NEW packages will be installed:
  fonts-lato libruby libruby3.2 rake ruby ruby-net-telnet ruby-rubygems ruby-sdbm ruby-webrick ruby-xmlrpc ruby3.2
  rubygems-integration unzip zip
0 upgraded, 14 newly installed, 0 to remove and 1 not upgraded.
Need to get 8,943 kB of archives.
After this operation, 41.3 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://nl.archive.ubuntu.com/ubuntu noble/main amd64 fonts-lato all 2.015-1 [2,781 kB]
Get:2 http://nl.archive.ubuntu.com/ubuntu noble/main amd64 rubygems-integration all 1.18 [5,336 B]
--snip--
Processing triggers for man-db (2.12.0-4build2) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
bolke@js-srv01:~$

.

 

 

then : sudo apt purge -y evil-winrm; sudo apt autoremove -y; sudo gem install evil-winrm

sudo apt purge -y evil-winrm; sudo apt autoremove -y; sudo gem install evil-winrm

.

voila

bolke@js-srv01:~$ evil-winrm

Evil-WinRM shell v3.7

Error: missing argument: ip, user

Usage: evil-winrm -i IP -u USER [-s SCRIPTS_PATH] [-e EXES_PATH] [-P PORT] [-a USERAGENT] [-p PASS] [-H HASH] [-U URL] [-S] [-c PUBLIC_KEY_PATH ] [-k PRIVATE_KEY_PATH ] [-r REALM] [--spn SPN_PREFIX] [-l]
    -S, --ssl                        Enable ssl
    -a, --user-agent USERAGENT       Specify connection user-agent (default Microsoft WinRM Client)
    -c, --pub-key PUBLIC_KEY_PATH    Local path to public key certificate
    -k, --priv-key PRIVATE_KEY_PATH  Local path to private key certificate
    -r, --realm DOMAIN               Kerberos auth, it has to be set also in /etc/krb5.conf file using this format -> CONTOSO.COM = { kdc = fooserver.contoso.com }
    -s, --scripts PS_SCRIPTS_PATH    Powershell scripts local path
        --spn SPN_PREFIX             SPN prefix for Kerberos auth (default HTTP)
    -e, --executables EXES_PATH      C# executables local path
    -i, --ip IP                      Remote host IP or hostname. FQDN for Kerberos auth (required)
    -U, --url URL                    Remote url endpoint (default /wsman)
    -u, --user USER                  Username (required if not using kerberos)
    -p, --password PASS              Password
    -H, --hash HASH                  NTHash
    -P, --port PORT                  Remote host port (default 5985)
    -V, --version                    Show version
    -n, --no-colors                  Disable colors
    -N, --no-rpath-completion        Disable remote path completion
    -l, --log                        Log the WinRM session
    -h, --help                       Display this help message
bolke@js-srv01:~$

.

 

.