Hello everyone,

I have gained credentials to access a machine through WinRM via evil-winrm.

I want to use the metasploit module ‘Local Exploit Suggester’. The module requires a SESSION option to be set.

Knowing this, I tried to use the module ‘winrm_login’ to create a session. I entered the RHOSTS, USERNAME, and PASSWORD options in correctly and executed with this response:

[!] No active DB – Credential data will not be saved!
[+] 10.10.11.108:5985 - Login Successful: WORKSTATION[[USERNAME]]:[[PASSWORD]]
[] Scanned 1 of 1 hosts (100% complete)
[] Auxiliary module execution completed

As you can see, it was successful. But when I run ‘sessions’:

Active sessions

No active sessions.

I haven’t found a single thing online about this. It would seem that a session is typically automatically generated from a login auxiliary module, but that isn’t the case here.

How do I generate a session over winrm_login to use local exploit suggester?

Thanks!