psexec

I am using psexec on my server to run an exe file on another server. How do I pass parameters to the other exe ? The exe that I am running on my server is psexec which in turn must run the exe named vmtoolsd.exe located on another system. How do I pass parameters to vmtoolsd.exe ? Also, where do I pass it ? Would I pass it as part of the info.Arguments ? I've tried that but it isn't working. ProcessStartInfo info = new ProcessStartInfo(@"C:\Tools"); info.FileName = @"C:\Tools\psexec.exe"; info.Arguments = @"\\" + serverIP + @"C:\Program Files\VMware\VMwareTools\vmtoolsd.exe"; Process.Start

I have been using PsExec -d to launch console applications in a remote powershell session because I want these apps to run in the background while I perform some task. The problem is that I want the background applications to continue running even if I kill the remote powershell session with Remove-PSSession . What happens currently is once the remote powershell session is killed so are all the processes that were started with the help of PsExec -d . I'm guessing it has something to do with process trees and how windows manages the lifetime of such things. Does anyone have any idea how I can

I have a Hudson build script which calls the SysInternals PsExec utility. Normally, when PsExec is run for the first time by a given user it pops up a dialog box asking the user to accept the licence. The build agent runs as a service and I can see that the build gets stuck at PsExec. Process Explorer shows that PsExec is running, so I strongly suspect it's displaying that same prompt, but because it's running non-interactively there is no way to accept the prompt. Is there any way to get around this silly limitation? Running on Windows Server 2008 R2 x64. Use the /accepteula command-line

Consider the following scenario: Database server: DBServer R Server: RServer Orchestrator Server: Server1 We have following R Script (DB.r): lib.directory = "D:\\RTest" install.packages("RODBC", repos = "http://cran.us.r-project.org", lib = lib.directory) library(RODBC, lib.loc = lib.directory) db.string <- "driver={ODBC Driver 13 for SQL Server};server=DBServer;database=Databse1;trusted_connection=Yes;" db.channel <- odbcDriverConnect(db.string) close(db.channel) Server1 executs the R script remotely on R Server using the following code: PsExec.exe \\RServer "C:\Program Files\R\R-3.4.3\bin

总结下PtH具体形式(wmicexec、powershell、msf等) 0x01 PtH攻击原理 && 黄金白银票据 PtH攻击原理 wiki https://en.wikipedia.org/wiki/Pass_the_hash 写的也很清楚 其中重要的是windows使用系统API( LsaLogonUser )生成hash进行认证，而不是用明文， 所以利用hash即可模拟用户登录进行操作 。还有的是如果密码长度大于15就不存在LM Hash，从windows2008开始微软默认禁用LM hash。 这也就很好理解pth的原理了。 Windows Server 2008启用LM hash的方法： gpedit.msc - 计算机配置 - Windows 设置 - 安全设置 - 本地策略 - 安全选项 找到 网络安全︰ 不要在下次更改密码存储 LAN 管理器的哈希值 ，选择 已禁用 系统下一次更改密码后，就能够导出LM hash 接下里回顾下kerberos认证过程 ，区别白银票据和黄金票据区别。 kerberos认证粗略流程: client向kerberos服务请求，希望获取访问server的权限。 kerberos得到了这个消息，首先得判断client是否是可信赖的， 也就是白名单黑名单的说法。这就是AS服务完成的工作，通过 在AD中存储黑名单和白名单来区分client

So we are using PsExec a lot in our automations to install virtual machines, as we can't use ps remote sessions with our windows 2003 machines. Everything works great and there are no Problems, but PsExec keeps throwing errors, even every command is being carried out without correctly. For example: D:\tools\pstools\psexec.exe $guestIP -u $global:default_user -p $global:default_pwd -d -i C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "Enable-PSRemoting -Force" Enables the PsRemoting on the guest, but also throws this error message: psexec.exe : Bei D:\Scripts\VMware\VMware