How to execute a Windows command on a remote PC? - windows

Is it possible to execute a Windows shell command on a remote PC when I know its login name and password?
Is it possible to do it using client PC's Windows shell?

If you are in a domain environment, you can also use:
winrs -r:PCNAME cmd
This will open a remote command shell.

psexec \\RemoteComputer cmd.exe
or use ssh or TeamViewer or RemoteDesktop!

This can be done by using PsExec which can be downloaded here
psexec \\computer_name -u username -p password ipconfig
If this isn't working try doing this :-
Open RegEdit on your remote server.
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
Add a new DWORD value called LocalAccountTokenFilterPolicy
Set its value to 1.
Reboot your remote server.
Try running PSExec again from your local server.
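Setting LocalAccountTokenFilterPolicy to 1 turns off UAC remote restrictions, so every local account in the Administrators group receives a full administrator token over the network. The following audit is an added example, not part of the original answer; it assumes Windows 10 / Server 2016 or later with the built-in LocalAccounts module, and the function name is hypothetical.

```powershell
# Added example: report the state of the registry value set in the steps above
# and which local accounts it affects. Run locally on the machine being checked.
$key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$name = 'LocalAccountTokenFilterPolicy'

function Get-TokenFilterAudit {   # hypothetical helper name
    # A missing value behaves like 0: local admins logging on over the
    # network get a filtered (non-elevated) token.
    $prop  = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    $value = if ($null -ne $prop) { [int]$prop.$name } else { 0 }

    # Local (non-domain) members of BUILTIN\Administrators, addressed by its
    # well-known SID S-1-5-32-544. The built-in RID-500 Administrator is
    # excluded because FilterAdministratorToken governs it instead.
    $affected = Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { $_.PrincipalSource -eq 'Local' -and $_.SID.Value -notmatch '-500$' }

    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        PolicyValue       = $value
        RemoteUacFiltered = ($value -ne 1)
        AffectedAccounts  = @($affected | ForEach-Object { $_.Name })
    }
}

$audit = Get-TokenFilterAudit
$audit | Format-List

if (-not $audit.RemoteUacFiltered -and $audit.AffectedAccounts.Count -gt 0) {
    Write-Warning ("Remote UAC filtering is off; these local admin accounts get a " +
        "full token over the network: " + ($audit.AffectedAccounts -join ', '))
}

# To restore the default once remote administration with a local account is
# no longer needed (elevated session required):
# Set-ItemProperty -Path $key -Name $name -Value 0 -Type DWord
```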

You can use native win command:
WMIC /node:ComputerName process call create "cmd.exe /c start.exe"
The WMIC is part of wbem win folder: C:\Windows\System32\wbem

Related

SSH to remote Windows machine using username and password through shell script

I am trying to SSH to a remote Windows machine (an AWS EC2 instance) by using a username and password of the remote machine. I need to automate this connection to run some remote commands from my script (either shell or PowerShell) without prompting me for a password. My script shouldn't fail by expecting a password to be prompted.
I don't want to use sshpass or any generated keys (by using ssh-keygen). Since the source machine where I run this command/script is not a dedicated machine, I may run it on a different machine every time. I also gave a try to connect using the .PEM file provided by AWS as below (thought it could be easy while using it in the script).
$ ssh -i aws_keypair.pem Administrator@10.10.10.10
Administrator@10.10.10.10's password:
It is still expecting a password from me even if I used the .PEM file. I also tried to create a file 'authorized_keys' on the remote Windows machine under the path "C:\Users\Administrator.ssh\". Still it is prompting me for a password.
Expectation :
Connect to remote Windows machine using PEM file and run some remote commands.
(or)
It shouldn't prompt me for a password while I try for the connection from some script (shell/PowerShell).
Can be done without any 3rd party tools like this:
$env:TMPPW=Get-Content -Path 'secure_file.txt' ; $un='MyUserName'
$j=Start-Job -ScriptBlock{Start-Sleep -Seconds 1
(New-Object -ComObject wscript.shell).SendKeys("$env:TMPPW{ENTER}")}
& ssh.exe -q -4 -l $un 127.0.0.1 'whoami'
$env:TMPPW=([guid]::NewGuid()).Guid ; $env:TMPPW=$null
I am able to achieve this using the Plink command (installation of PuTTY is required on the source machine to execute this command). So now, I am able to successfully pass the username and password within the script (shell script) and everything is working as expected.
FYI, I am pasting the exact command which worked for me
$ echo y | plink -ssh Administrator@10.10.10.10 -pw abc123 "dir"

Access non ssh windows hosts and apply cmd commands remotely

We used to SSH into Windows machines remotely, execute commands, and get replies using the JSch API like:
((ChannelExec) channel).setCommand("cmd /c dir" + "\r\n");
InputStream in = channel.getInputStream();
String sScriptStatus="";
byte[] tmp=new byte[20000];
while(true){ ...
}
But now we have to access a large group of machines which do not have SSH enabled, and we don't want to change anything on these machines. Is there another similar API built-into Windows that we could use?
Depending on your environment and requirements, you could use wmic or psexec to execute remote commands.
psexec:
psexec \\remote-computer cmd /c dir
wmic:
wmic /node:remote-computer process call create "cmd /c dir"

PSEXEC returning garbage result. Why?

I want to run a script on a remote Windows 2008 server using PSEXEC of PSTOOLs.
I have installed PSTOOLs on my local machine and can run the PSEXEC command successfully as well. I connect to the remote server through it and it even picks up the script placed there. However, all I get is some sort of garbage values. And after that it states that the intended network is no longer available, which it is because I can see it and access it through the GUI.
I must mention that when I execute that script manually in the remote server it works fine. I am using windows remote desktop utility to connect to the server.
Am I using PSEXEC the correct way? Or is the intended function of PSEXEC the same as what I am trying to do?
First you should have a look at the help page
You must use -w to specify the remote working dir, and you can't call a .bat directly, you have to call cmd.exe. So try this
psexec \\remoteserver -w "c:\users\admin\desktop" cmd.exe /c youbatch.bat

run command as administrator on remote windows machine

Situation: Running the bat file on windows machine:
1. When I double click the bat file: Bat running is failed.
2. When I right click on bat file and run as administrator: Bat run is successful.
Now I have to run this bat file successfully from remote machine.
What I did:
1. Installed freeSSHd on remote machine and configured administrator user on freeSSHd to access shell and SFTP.
2. Now I am able to login to the remote machine using putty.
Problem:
I am not able to run the bat file successfully. How can I achieve this?
I also used runas /savecred /user:administrator C:/install.bat, but it didn't help.
There is a way to get this working without any 3rd party software.
You have to create a task on the remote machine using the Windows Task Scheduler which simply executes the desired command. There is an option where you can tell the scheduler to run a bat with a specific account. Enter an admin account and the password and check the "run with highest privileges" box. Leave "Triggers" empty, go to "Settings" and check the "Allow task to be run on demand" box. That's it!
Now when you want to run your file from a different location do
SCHTASKS /RUN /S <RemoteServerName> /U username /P password /TN "<task name>"
If you don't want to enter username and password each time you can adapt the user policy (e.g. add the calling machine to the trusted list of the server).
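The Task Scheduler settings described in this answer can also be applied from PowerShell. This is an added example, not part of the original answer; the task name RunInstallBat and the path C:\install.bat are assumptions.

```powershell
# Added example. 'RunInstallBat' and C:\install.bat are assumed names.
# Run from an elevated PowerShell session on the machine that will own the task.
$taskName = 'RunInstallBat'
$cred     = Get-Credential -Message 'Admin account the task should run as'

# The action is the command the task executes; a .bat is started through cmd.exe.
$action = New-ScheduledTaskAction -Execute 'cmd.exe' -Argument '/c "C:\install.bat"'

# No trigger is passed, so the task only runs when asked to. On-demand start is
# allowed by default; the time limit stops a hung batch file from running forever.
$settings = New-ScheduledTaskSettingsSet -ExecutionTimeLimit (New-TimeSpan -Hours 1)

# -RunLevel Highest corresponds to the "Run with highest privileges" checkbox.
Register-ScheduledTask -TaskName $taskName -Action $action -Settings $settings `
    -User $cred.UserName -Password $cred.GetNetworkCredential().Password `
    -RunLevel Highest | Out-Null

# Verify what was stored before relying on it.
$task = Get-ScheduledTask -TaskName $taskName
[pscustomobject]@{
    Task       = $task.TaskName
    RunsAs     = $task.Principal.UserId
    RunLevel   = $task.Principal.RunLevel
    HasTrigger = [bool]$task.Triggers
    OnDemand   = $task.Settings.AllowDemandStart
}

# After a run started with SCHTASKS /RUN, check the exit code of the batch file
# (0 means success; 267011 means the task has not run yet).
Get-ScheduledTaskInfo -TaskName $taskName | Select-Object LastRunTime, LastTaskResult
```

Because the task runs elevated, anyone who can modify C:\install.bat can run code as that admin account, so keep the file writable by administrators only.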
If you have installed an ssh daemon, then you can run your BAT in a remote shell, but your remote shell may open up in something other than CMD.COM. I use cygwin to set up sshd and then from a remote machine, if I ssh in to run a command, it is using cygwin's bash. I can run a BAT file, but need to call CMD first:
ssh WINDOWS_SERVER "cmd /C D:\PATH_TO_BAT\BATCHFILE.BAT"
But there are some pieces missing here. I looked briefly at the Freesshd page and saw only graphical interfaces. Does freesshd support remote command execution, or just secure file transfer? And what sort of shell gets executed on the Windows server when you run it?
cygwin is an entire Linux subsystem that runs under Windows and includes an sshd server, but might be a bit much for someone starting out: https://cygwin.com/
\n makes a powershell remote server that listens on port 22 (ssh) and dumps you into a powershell prompt, you can then use my steps above to call CMD from powershell, versus a bash shell.
http://www.powershellserver.com/

psexec giving the system cannot find the file specified

I'm trying to run this from my win7 CMD (as Admin):
psexec IpAddress -u domain\user -p pword c:\Autobatch\ClientJobSender.exe http://reportserver.net:8070/JobExecutor.asmx c:\AutoBatch\backup\trigger.xml
but am getting a "the system cannot find the file specified" error.
I've also tried it this way:
psexec IpAddress -u domain\user -p pword c:\Autobatch\ClientJobSender.exe http://reportserver.net:8070/JobExecutor.asmx c:\AutoBatch\backup\trigger.xml
but get an unknown user or bad password.
What's weird is that I can connect via Remote desktop with the same IP address and user/pass.
Make sure the server has the settings below:
a) Admin share is enabled: run services.msc and check the Service "Server" is enabled
b) Add the key for the share in the registry and restart:
reg add "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" /v AutoShareServer /t REG_DWORD /d 1
And then use:
psexec \\IpAddress -u domain\user -p pword -w "c:\Autobatch" "ClientJobSender.exe http://reportserver.net:8070/JobExecutor.asmx c:\AutoBatch\backup\trigger.xml"
Actually, I don't see a difference between your 2 command lines. However, the error from the first command is because your syntax is incorrect. You must use
PsExec \\a.b.c.d ...
instead of
PsExec a.b.c.d ...
I got it to work by elevating the local batch file to execute with administrator privileges, that is to say, the terminal window was operating with administrator privileges.
If you're trying to use automation services, you can use the ClientJobSender.exe on the local machine (or on the machine where you set up the scheduling). Just copy the ClientJobSender.exe and the related config file from the install pack to the scheduler server and refer to it locally.
You might have the directory path wrong. Try changing the .exe path into cmd.exe and cd into your intended path to see if it is actually the correct path.
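Several commands on this page pass the password as an argument (psexec -p, plink -pw, SCHTASKS /P), which leaves it readable in process listings and in process-creation logs. The following check is an added example, not from any of the posts; the function name and rule table are hypothetical, the sample lines are constructed from the commands shown above, and in practice the input would come from process-creation events with command-line logging enabled.

```powershell
# Added example: flag plaintext passwords in process command lines.
# Each rule pairs an executable-name pattern with the flag that carries the secret.
$rules = @(
    @{ Tool = 'psexec';   Exe = '(?i)(^|[\\/\s"])psexec(64)?(\.exe)?(\s|"|$)'
       Secret = '(?i)(?<=\s-p\s+)("[^"]*"|\S+)' }
    @{ Tool = 'plink';    Exe = '(?i)(^|[\\/\s"])plink(\.exe)?(\s|"|$)'
       Secret = '(?i)(?<=\s-pw\s+)("[^"]*"|\S+)' }
    @{ Tool = 'schtasks'; Exe = '(?i)(^|[\\/\s"])schtasks(\.exe)?(\s|"|$)'
       Secret = '(?i)(?<=\s/r?p\s+)("[^"]*"|\S+)' }
)

function Find-CommandLineSecret {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)][string]$CommandLine)
    process {
        foreach ($rule in $rules) {
            if ($CommandLine -match $rule.Exe -and $CommandLine -match $rule.Secret) {
                [pscustomobject]@{
                    Tool     = $rule.Tool
                    # Never copy the secret into the alert; keep only its position.
                    Redacted = [regex]::Replace($CommandLine, $rule.Secret, '<redacted>')
                }
            }
        }
    }
}

# Constructed sample input, modelled on the command shapes shown on this page.
$samples = @(
    'psexec \\computer_name -u username -p password ipconfig'
    'psexec \\RemoteComputer cmd.exe'
    'C:\Tools\plink.exe -ssh Administrator@10.10.10.10 -pw abc123 dir'
    'SCHTASKS /RUN /S SERVER01 /U username /P password /TN "Nightly"'
    'wmic /node:ComputerName process call create "cmd /c dir"'
)

$samples | Find-CommandLineSecret | Format-Table -AutoSize -Wrap
```

The two lines without a password argument produce no output; the other three are reported with the secret replaced by a marker.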
