Invoke-Command
Run commands on local or remote computers. Enables lateral movement via PowerShell remoting (WinRM).
Binary Paths
PowerShell cmdlet
Glob Patterns
| Pattern | Wildcards | Notes |
|---|---|---|
& (gcm I*-C*d) -ComputerName TARGET -ScriptBlock { whoami }
|
* | Wildcards in verb and noun |
& (gcm Invoke-Com*) -ComputerName ...
|
* | Star matches 'mand' |
& (gcm I*ke-Command) -ComputerName ...
|
* | Wildcard in verb |
& (gcm *-Command) -ComputerName ...
|
* | Prefix wildcard |
icm -ComputerName TARGET -ScriptBlock { id }
|
Built-in alias 'icm' | |
& (gcm Invok[d-f]-Command) -ComputerName ...
|
[d-f] | Character range matches 'e' in Invoke |
& (gal ic?) -ComputerName TARGET -ScriptBlock { id }
|
? | Get-Alias with wildcard resolves 'icm' |