# Windows Remote Management

Windows Remote Management (WinRM) is the name of both a Windows Service and a protocol that allows a user to interact with a remote system (e.g., run an executable modify the Registry, modify services). It may be called with the `winrm` command or by any number of programs such as PowerShell.

Without the use of PowerShell Code execution can be accomplised with the following syntax on our attacking machine.

There are great tools that can be used when this server is available and we have credentials for the machine let's use `evil-winrm` for this example Winrm has been activated on the machine so we can utilize this service. With our Kali box we can attack it very simply use the proper tools.

```
evil-winrm -i IP -u User -p Password
```

![](/files/-LxcQ29Eyq6UlBdKUUsb)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://dmcxblue.gitbook.io/red-team-notes/execution/windows-remote-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.