Requirements
- Ports: 5985/TCP (WinRM HTTP) or 5986/TCP (WinRM HTTPS)
- Required Group Memberships (on remote host): Remote Management Users, or local Administrator/Domain Admins
WinRM (Windows Remote Management) is enabled by default on most Windows installations.
To initiate a session from the command prompt:
winrs.exe -u:Administrator -p:Mypass123 -r:target cmd
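We can achieve the same from PowerShell with a PSCredential object:
# Build the PSCredential object (same credentials as the winrs example):
$securePassword = ConvertTo-SecureString 'Mypass123' -AsPlainText -Force
$pscredential = New-Object System.Management.Automation.PSCredential 'Administrator', $securePassword
# Once we have the PSCredential object:
Enter-PSSession -ComputerName TARGET -Credential $pscredential
# === OR ===
Invoke-Command -ComputerName TARGET -Credential $pscredential -ScriptBlock {whoami}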
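To review a host against the requirements listed above from the defender's side, the following added example (not part of the original notes) reports the WinRM service state, the configured listeners, the members of the two groups that permit a remote session, and recent server-side shell creations. The function name Get-WinRMExposure and its parameter are hypothetical; it assumes Windows PowerShell 5.1 or later, an elevated prompt, and English group names.

```powershell
# Added example: audit the local host for WinRM exposure.
# Get-WinRMExposure is a hypothetical helper name, not a built-in cmdlet.
function Get-WinRMExposure {
    param([int]$MaxEvents = 20)

    # 1. Service state and start mode.
    $svc = Get-CimInstance Win32_Service -Filter "Name='WinRM'"

    # 2. Configured listeners. Transport HTTP is normally 5985/TCP, HTTPS 5986/TCP.
    #    Enumerating them requires the local WinRM service to be running.
    $listeners = @()
    if ($svc.State -eq 'Running') {
        $listeners = @(Get-WSManInstance -ResourceURI winrm/config/listener -Enumerate |
            Select-Object Transport, Port, Address, Enabled)
    }

    # 3. Accounts holding a group membership that allows a remote session.
    #    Group names are the English defaults (assumption); adjust on localized systems.
    $members = foreach ($group in 'Remote Management Users', 'Administrators') {
        Get-LocalGroupMember -Group $group -ErrorAction SilentlyContinue |
            Select-Object @{ n = 'Group'; e = { $group } }, Name, ObjectClass, PrincipalSource
    }

    # 4. Recent remote shells created on this host. Event ID 91 in the WinRM
    #    operational log is written on the server side when a WSMan shell is created.
    $shells = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-WinRM/Operational'; Id = 91
    } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        ServiceState = $svc.State
        StartMode    = $svc.StartMode
        Listeners    = $listeners
        Members      = @($members)
        RecentShells = @($shells)
    }
}

$report = Get-WinRMExposure
$report | Format-List ComputerName, ServiceState, StartMode
$report.Listeners    | Format-Table -AutoSize
$report.Members      | Format-Table -AutoSize
$report.RecentShells | Format-Table -AutoSize -Wrap
```

Entries in Members that are not expected administrators, and shells in RecentShells at times no administrator was working, are the items to follow up on.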