The purpose of my task is to run a Ruby script, which executes key-logger exe file, and starts working on remote computer. I manage to successfully connect by apache2 server (i.e. my other VM enters a link in the browser and meterpreter starts to work) with PAYLOAD php/meterpreter/reverse_tcp. So when meterpreter starts to work , Im trying to run script: run ruby.rb
https://i.stack.imgur.com/pVEDI.jpg
ruby.rb (with content)
exec("/root/Desktop/time/time/bin/Debug/time.exe")
However, error is occurring and I dont understand why? When I try to execute my time.exe file in WINDOWS it works perfectly. The keylogger is written in c# if someone interested in looking at the code: https://ufile.io/y9n3z
Maybe someone can give my an advice or a workaround?
Related
Whenever I try to execute a sh script via Jsh nothing happens , however when I execute it through a normal ssh session it works fine , I haven't been able to get a single sh file to work/run regardless of the contents of the sh file.
I have tried
channelssh.setCommand("/home/exiatron00/Desktop/bash test.sh");
channelssh.setCommand("/home/exiatron00/Desktop/./test.sh");
channelssh.setCommand("/home/exiatron00/Desktop/test.sh");
I don't see anything wrong with your command, so I would have to assume it's your setup.
Are you sure you're even logging into your server? I would check your last logs to make sure you are even connecting.
Are you on the same network as the machine you're attempting to connect to? If you aren't on wifi I would assume your machine is hidden behind a NAT.
We have a .CMD script that we are triggering from Control-M.
A main.cmd is being called from Control-M. This script is run as 'accnt_svc' service account which we also configured in Control-M. Prior to setting up in Control-M, we testing this running fine when ran from command prompt (as administrator) and via Windows Task Scheduler being run as the 'acct_svc' service account.
When running in Control M, the log shows error saying a subscript (say sub.cmd is being called from main.cmd) saying the sub.cmd is invalid.
We checked the permissions and they both have the same settings.
We tried another script, this time we created a wrapper which 'calls' the main script. This worked fine.
Please check following wrapper:
SET V_CMDDRV=E:
%V_CMDDRV%
CD %V_CMDDIR%
CALL CALL %V_CMDDIR%\main.cmd
When we create a Main_Wrapper.cmd calling the main.cmd this works fine.
May I know why Control-M behaves this way?
Thanks
When issuing a command via Control-M it will by default run from your run as users home directory. From the output you've attached it looks like main.cmd might need to be run from E: instead of the %HOMEPATH% of the acct_svc service account.
I'm having a issue with CI where after i deployed a build i can't get the new version to start. In Jenkins the console output just keeps spinning when it hit the part of the batch file to start the exe-file and then times out.
I have tried both to run it inside the batch file and from the SSH command line but i can't get it to start on our Windows server.
Any suggestions?
First of all I have spent over 4 hours researching this topic..
So I have a Windows 2008 r2 root server at the moment. I connect to it via Remote Desktop.
Now I want to write a program that runs batch files on the server but the program is at client side, I have tried to setup an SSH server on my Windows server with Freesshd.
That seems to work but the programs are not shown. (In Taskmanager are they)
Is there way (prefer SSH) to let them show normally?
The goal is to restart programs (Gameservers).
My Program will work so: if I press restart server it will connect (if SSH) via Putty to the server to exec the batch file.
Or will start another program with parameters something like this:
Clientprogramm -ip 95.25.115.** -user Administrator -p xxxxxx C:\gameserverdir\start.bat
Simple and fine. I have done that already for Linux and there it isn't that hard.
So if you have an idea that can help me would be nice to know.
Both system are Windows!
If you are using SSH, the tool you need is plink. It's putty for command line.
Or, as indicated in comments, you can use psexec, or powershell, or vbscript, or .... BUT started programs are only "visible" in the same session from where they were started.
I am trying to execute a program inside of a power shell script. The PS script is being called from a C# method using Runspaces. The program tries to make an update to a config file on a remote server. When I run this whole thing I get the following error:
System.UnauthorizedAccessException: Access to the path \\some path is denied.
The PS script is on a remote server. If I run the PS script directly on the server then the PS script and the program inside of it runs fine and is able to access the remote system.
Has anyone run into this before? I was told that this is failing because I am running it through Visual Studio and C# and that I won't be allowed to access network resources through a powershell script that is being run through a C# class. Someone else told me that the permissions that I am using to start the PS script in the runspace are not translating to the program that I am calling within the script.
Other ideas and possible solutions?
Thanks
It looks like you're trying to modify a file on a UNC path on a secondary server. This won't work due to the age old "double hop" problem. You are on machine A, executing a remote script on B that tries to modify a file on C. Your authentication from A to B cannot be reused to connect from B to C. This is a design limitation for NTLM (windows integrated authentication.)
However, all is not lost: You must use CredSSP authentication when connecting with powershell remoting from A to B, and then you can connect to C without a problem.
References:
http://tfl09.blogspot.ca/2013/02/powershell-remoting-double-hop-problem.html
http://www.ravichaganti.com/blog/?p=1230