mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
33 lines
756 B
YAML
33 lines
756 B
YAML
id: winrm-remote-shell-access-allowed
|
|
|
|
info:
|
|
name: Remote Shell Access Allowed
|
|
author: princechaddha
|
|
severity: high
|
|
description: Checks if remote shell access via WinRM is allowed, which can be exploited.
|
|
impact: |
|
|
Remote shell access could allow unauthorized access to critical system components.
|
|
remediation: |
|
|
Disable remote shell access in WinRM.
|
|
tags: winrm,remote-shell,code,windows-audit
|
|
|
|
self-contained: true
|
|
|
|
code:
|
|
- pre-condition: |
|
|
IsWindows();
|
|
engine:
|
|
- powershell
|
|
- powershell.exe
|
|
args:
|
|
- -ExecutionPolicy
|
|
- Bypass
|
|
pattern: "*.ps1"
|
|
source: |
|
|
(Get-Item WSMan:\localhost\Shell).AllowRemoteShellAccess
|
|
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "True"
|