Hey everyone,
I just released nimrm, a native WinRM shell client built entirely in Nim with no external Nim dependencies.
It provides an interactive shell for remote Windows administration and security testing, compiled to a single native binary.
Features:
- Interactive PowerShell and CMD shell
- NTLM password and pass-the-hash authentication
- Kerberos authentication via GSSAPI
- File upload/download and recursive directory transfers
- In-memory PowerShell script import
- In-memory .NET assembly execution
- AD/domain context and OPSEC auditing commands
- Multiple concurrent sessions with pivoting
- NTLM message encryption (sealing) over HTTP
- HTTPS/TLS support
Usage:
NTLM
nimrm -T 192.168.1.10 -A 'CORPadministrator' -P 'Password123'
Pass-the-hash
nimrm -T 192.168.1.10 -A 'CORPuser' -N aad3b435:0123456789abcdef
Kerberos
KRB5CCNAME=FILE:/tmp/user.ccache nimrm -k -T dc01.corp.local -Z CORP.LOCAL
Install:
Debian package
sudo dpkg -i nimrm_1.0.0_amd64.deb
Or build from source
git clone https://github.com/blue0x1/nimrm.git cd nimrm make linux
The underlying WinRM protocol implementation is also available as a standalone library: nim-winrm
Links:
- Repository: https://github.com/blue0x1/nimrm
- Wiki: https://github.com/blue0x1/nimrm/wiki
- WinRM Library: https://github.com/blue0x1/nim-winrm
Feedback and contributions welcome.