5986 - WinRM (SSL)

Information

Default Port: 5986

PORT     STATE SERVICE  VERSION
5986/tcp open  ssl/http Microsoft HTTPAPI httpd 2.0                                                                        

Enumeration

nmap -p5986 -sS 192.168.1.2
nmap -p5986 -sVC 192.168.1.2

Connect

evil-winrm -i 192.168.1.2 -u 'Administrator' -p 'Password123!' -S   # password
evil-winrm -i 192.168.1.2 -c pub-key.pem -k priv-key.pem -S         # certificate

• -c , --pub-key - PUBLIC_KEY_PATH (Local path to public key certificate)
• -k , --priv-key - PRIVATE_KEY_PATH (Local path to private key certificate)
• -S , --ssl - Enable SSL (change port: 5986 / default port: 5985)