Rewrite of popular tool evil-winrm in python
Project description
evil-winrm-py
Evil-WinRM-Py is a Python-based tool for Windows Remote Management (WinRM) that allows users to execute commands on remote Windows machines.
[!NOTE] This tool is designed strictly for educational, ethical use, and authorized penetration testing. Always ensure you have explicit authorization before accessing any system. Unauthorized access or misuse of this tool is both illegal and unethical.
Motivation
The original evil-winrm is written in Ruby, which can be a hurdle for some users. Rewriting it in Python makes it more accessible and easier to use, while also allowing us to leverage Python’s rich ecosystem for added features and flexibility.
I also wanted to learn more about winrm and its internals, so this project will also serve as a learning experience for me.
Features
- Execute commands on remote Windows machines via an interactive shell.
- Enable logging and debugging for better traceability.
- Navigate command history using up/down arrow keys.
- Display colorized output for improved readability.
- Support for Pass-the-Hash authentication.
- Auto-complete remote file and directory paths.
- Lightweight and Python-based for ease of use.
- Keyboard Interrupt (Ctrl+C) support to terminate long-running commands gracefully.
- Support for SSL to secure communication with the remote host.
Installation (Windows/Linux)
You may use pipx instead of pip to install evil-winrm-py.
pipxis a tool to install and run Python applications in isolated environments.
pip install evil-winrm-py
or if you want to install with latest commit from the main branch you can do so by cloning the repository and installing it with pipx:
git clone https://github.com/adityatelange/evil-winrm-py
cd evil-winrm-py
pip install .
Update
pip upgrade evil-winrm-py
Uninstall
pip uninstall evil-winrm-py
Usage
usage: evil-winrm-py [-h] -i IP -u USER [-p PASSWORD] [-H HASH] [--ssl] [--port PORT] [--log] [--version]
options:
-h, --help show this help message and exit
-i IP, --ip IP remote host IP or hostname
-u USER, --user USER username
-p PASSWORD, --password PASSWORD
password
-H HASH, --hash HASH nthash
--ssl use ssl
--port PORT remote host port (default 5985)
--log log session to file
--version show version
Credits
- Original evil-winrm project - https://github.com/Hackplayers/evil-winrm
- PowerShell Remoting Protocol for Python - https://github.com/jborean93/pypsrp
- Prompt Toolkit - https://github.com/prompt-toolkit/python-prompt-toolkit
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file evil_winrm_py-0.0.5.tar.gz.
File metadata
- Download URL: evil_winrm_py-0.0.5.tar.gz
- Upload date:
- Size: 8.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
81de70419c49f26a606ea6eb517ca531b30a1023339f2126a6bf675793bd5020
|
|
| MD5 |
9ffbf7a6e26e160e29b5f67e223ac85f
|
|
| BLAKE2b-256 |
62d2762818a2324c81fb3cc025d9c29a5773e0848ca5f380d52a99d5bf67d453
|
File details
Details for the file evil_winrm_py-0.0.5-py3-none-any.whl.
File metadata
- Download URL: evil_winrm_py-0.0.5-py3-none-any.whl
- Upload date:
- Size: 8.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
83bd4a1d4544f977562643191cfa83de5a63c2bb081bd92a8d077c9dd6692c2d
|
|
| MD5 |
3686bc099d5eb646a9475f76faa4d339
|
|
| BLAKE2b-256 |
ad4f896298a8781183c80879bc0a4b58806f0046f024c19ceca7d0f236f106e5
|
