Releases: 1upbyte/Devious-WinRM
v1.2.2
Full Changelog: v1.2.1...v1.2.2
New features
- Silver ticket support - not fully tested, seems to work OK
Improvements
- Clearer error messages (especially when relating to Kerberos)
- New wiki page for common errors (to be expanded)
Misc
- Python 3.11+ is now required
v1.2.1
Full Changelog: v1.2.0...v1.2.1
Minor version to fix pass-the-hash support.
v1.2.0
Full Changelog: v1.1.0...v1.2.0
Added a local token upgrader - localexec
Using RunasCs, commands like qwinsta and get-service can work properly over WinRM. Usage info is available in the wiki.
Added documentation
Brand new wiki! This should help new users of the tool along with keeping a good knowledge base of what Devious-WinRM can do. Check it out here
Added AMSI Bypass
The bypass is taken directly from Evil-WinRM. Oftentimes, the bypass isn't needed as the invoke command does a good enough job of evading AV.
Proper keep-alive fix
Devious-WinRM now uses a fork of pypsrp to implement the fixes to long-running connections. This change will be reverted once the fix is published to PyPI.
v1.1.0
Full Changelog: v1.0.0...v1.1.0
Added In-Memory Execution
.NET binaries can now be run without touching disk. This is useful for AV evasion but also makes it convenient to quickly execute something like Mimikatz or BloodHound.
Invoked binaries will be cached once uploaded to avoid unnecessary slowdowns, especially with large executables.
Added Upload to Memory
Files can now be uploaded to a variable name instead of to disk. The variable will be an array of bytes that can be decoded using a number of .NET methods.
(Even) Easier Kerberos Auth
Kerberos login will now automatically detect if the hostname used to connect is a FQDN, allowing the user to omit specifying the DC. This assumes that the target machine is the DC (the case in many HTB scenarios).
Bugfixes
- Fixed files always uploading to the Documents folder
- Fixed memory leak when attempting to upload a non-existent file
- Fixed various uncaught exceptions