Love Windows Voting System 1.0 evil-winrm (winrm 5985,5986)
wordpress website. with msfconsole upload nc.ex to wordpress uploads. start nc.exe and connect back to attacker’s nc listener.
The ports smb, mssql are open. impacket tools are used.
Windows box. Open port 88 is typically associated with Kerberos and port 389 with LDAP, which indicates that this is a Domain Controller. We note that WinRM is enabled on port 5985. Python bloodhound injester used.