mmm, don't know if it will help you, but here's a solution to reboot computer if you have shell access but no way to upload files on the server:
You have access to a command shell, so it's possible to do:
echo something_blabla > file.txt
I mean you can redirect text you type to a file.
So, you can try this:
Convert the reboot.exe into debug script form with BIN2DBG.EXE (i attached the 2 files)
>bin2dbg reboot.exe
Convert a binary file to a DEBUG script
---------------------------------------
Converting... 100 %
Copyright 1995 Anthony Caruso
306 South Main Street
Muncy, PA 17756-1508
Any donations are appreciated.
---
Now all you have to do (but will be difficult 'by hand', you have to use a little batch to type for you ;-) ) is to type this in your remote shell:
echo n REBOOT.EXE >dscript
echo. >>dscript
echo e 100 4D 5A 90 0 3 0 0 0 4 0 0 0 FF FF 0 0 >>dscript
echo e 110 B8 0 0 0 0 0 0 0 40 0 0 0 0 0 0 0 >>dscript
echo e 120 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 >>dscript
echo e 130 0 0 0 0 0 0 0 0 0 0 0 0 D8 0 0 0 >>dscript
echo e 140 E 1F BA E 0 B4 9 CD 21 B8 1 4C CD 21 54 68 >>dscript
echo e 150 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F >>dscript
echo e 160 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 >>dscript
echo e 170 6D 6F 64 65 2E D D A 24 0 0 0 0 0 0 0 >>dscript
echo e 180 66 77 4C 6B 22 16 22 38 22 16 22 38 22 16 22 38 >>dscript
.
. and so... (the entire content of the debug dcript created with bin2dbg)
.
then the last command who create the reboot.exe file:
debug<dscript
Now you can execute reboot.exe ;-)
Hahem...I know this no genius idea, but it worked for me... If someone has got a better method when no file transfert is possible, well i want to know
-thanks by advance.
---------------
good luck ....
--Here's some infos you may need in other situation:
DOS ECHO G=FFFF:0000 Ķ DEBUG Reboot Warm boot, sometimes cold boot.
Win31* ECHO G=FFFF:0000 Ķ DEBUG Task Manager popup And sometimes reboot
Win9* RUNDLL USER.EXE,ExitWindows Shutdown (2)
Win9* RUNDLL USER.EXE,ExitWindowsExec
Win98: Restart Windows, sometimes reboot.
Win9* RUNDLL SHELL.DLL,RestartDialog Restart dialog "System Settings Changed, Do you want to restart your computer now?" dialog
Win98 RUNDLL32 KRNL386.EXE,exitkernel Poweroff Poweroff for ATX boards only, otherwise normal shutdown (3)
Win98/ME RUNDLL32 SHELL32.DLL,SHExitWindowsEx
n can be any combination (sum) of the following numbers: (4)
0 Logoff
1 Shutdown
2 Reboot
4 Force
8 Poweroff (if supported by the hardware)
Win98/ME RUNONCE.EXE -q Reboot (4)
NT4 RUNDLL32 USER32.DLL,ExitWindowsEx
RUNDLL32 USER32.DLL,ExitWindowsEx Logoff Most systems require the command to be called twice before logging off
NT+RK (1) SHUTDOWN /L /R /T:0 /Y Reboot Immediate shutdown & reboot
NT+RK (1) SHUTDOWN /L /T:10 /Y /C Delayed shutdown Shutdown in 10 seconds, close without saving.
Can be stopped during those 10 seconds using SHUTDOWN /A
NT (1) PSSHUTDOWN \\mynt4srv -K -F -T 20 Delayed poweroff Poweroff \\mynt4srv after a 20 seconds delay
Can be aborted using PSSHUTDOWN \\mynt4srv -A
Uses PSSHUTDOWN.EXE from SysInternal.com's PS Tools
NT (1) PSSHUTDOWN \\myw2ksrv -O -F -T 0 Logoff Immediately logoff console user on \\myw2ksrv
Uses PSSHUTDOWN.EXE from SysInternal.com's PS Tools
XP SHUTDOWN -r -t 10 Delayed reboot Reboot after a 10 seconds delay.
Can be stopped during those 10 seconds using SHUTDOWN -a
XP SHUTDOWN -s -t 01 Delayed shutdown Shutdown after a 1 second delay, NO poweroff.
TS LOGOFF 16 /SERVER:termserv1 Logoff Logoff session 16 on Terminal Server TERMSERV1.
Use the QUERY USER command to find out which session ID belongs to whom.
More Terminal Server commands here.
TS TSSHUTDN 45 /SERVER:termserv1 /POWERDOWN /DELAY:20 /V Delayed poweroff Notify all users on Terminal Server TERMSERV1, logoff all Terminal Server sessions after 45 seconds, wait another 20 seconds, and then shut down Terminal Server TERMSERV1 and power off.
See my Terminal Server Commands page for the exact syntax.
Kix $RC = SHUTDOWN( "\\server", "Shutting down...", 10, 1, 0 ) Delayed shutdown Shutdown \\server in 10 seconds, with message, close without saving, no reboot
Kix $RC = SHUTDOWN( "\\server", "", 0, 1, 1 ) Reboot Immediate shutdown & reboot \\server, without a message
Kix $RC = LOGOFF( 1 ) Logoff Forcing applications to close.
Use 0 instead of 1 if you don't want to force applications to close
Perl InitiateSystemShutdown( $sComputer, $sMessage, $uTimeoutSecs, $bForce, $bReboot ) General syntax (ActivePerl for Windows only)
Perl InitiateSystemShutdown( "", "", 0, 1, 1 ) Reboot Immediate reboot without message, force applications to close without saving data
Perl InitiateSystemShutdown( "", "Going down...", 10, 0, 1 ) Delayed reboot Reboot after 10 seconds, with message and without forcing applications to close
Perl InitiateSystemShutdown( "10.0.1.16", "Sorry", 5, 1, 0 ) Delayed shutdown Shutdown of remote computer after 5 seconds, with message and forced closing of applications
Regina Rexx RC = W32SysShutdown( how [,force] ) General syntax (Regina Rexx for Windows with W32Funcs only).
how can be either Reboot, Logoff, Poweroff or Shutdown.
force can be either Force or Noforce.
Regina Rexx RC = W32SysShutdown( "P", "F" ) Poweroff Immediate shutdown and poweroff, forced closing of application
Regina Rexx RC = W32SysShutdown( "L", "N" ) Logoff Logoff, prompt for saving unsaved data
WSH [1] Set OpSysSet = GetObject("winmgmts:{(Shutdown)}//./root/cimv2").ExecQuery("select * from Win32_OperatingSystem where Primary=true")
[2]
[3] for each OpSys in OpSysSet
[4] OpSys.Reboot()
[5] next Reboot Requires WMI.
Remove [line numbers].
WSH Replace line 4 in the script above with this one:
[4] OpSys.Shutdown()
to shut down the PC instead of rebooting it. Shutdown But no poweroff.
See my WSH page for examples on how to reboot or shut down remote computers too.
WSH [1] Const EWX_LOGOFF = 0
[2]
[3] Set wmi = GetObject("winmgmts:{(Shutdown)}")
[4] Set objSet = wmi.InstancesOf("Win32_OperatingSystem")
[5]
[9] For Each obj in objSet
[6] Set os = obj
[7] Exit For
[8] Next
[9]
[10] os.Win32Shutdown EWX_LOGOFF Logoff Requires WMI.
Remove [line numbers].
OS/2 START /PM SHUTDOWN && EXIT Shutdown Will still stop and ask for confirmation if a non-PM application is active
OS/2 SETBOOT /B Reboot Unconditional shutdown & reboot from default Boot Manager entry.
OS/2 SETBOOT /IBD:C: Reboot Unconditional shutdown & reboot from C: drive
OS/2 SETBOOT /IBA:nonsense Shutdown Unconditional shutdown & failing reboot.
Needs Boot Manager installed.
Will reboot, no questions asked, and then stop if nonsense is an invalid Boot Manager menu entry (which, in this case, is exactly what we want).
OS/2 LOGOFF Logoff Both LAN Server client and Peer
**Notes: 1 DOS MS-DOS or PC-DOS
Win31* Windows 3.1, 3.11 or 3.11 for Workgroups
Win9* Windows 95 or 98
Win98 Windows 98
Win98/ME Windows 98 or Windows Millennium Edition (ME)
NT4 Windows NT 4 (not Windows 2000)
NT Windows NT 4 or Windows 2000
NT+RK Windows NT 4 or Windows 2000 with the appropriate Resource Kit
2000 Windows 2000
XP Windows XP
TS Windows NT 4 Terminal Server Edition or Windows 2000 (Advanced) Server with Terminal Server installed
Kix Windows (any) with KiXtart
Perl Windows (any) with ActivePerl
Regina Rexx Windows (any) with Regina Rexx and W32Funcs
WSH Windows (32 bits) with Windows Script Host
OS/2 OS/2 Warp 3 and 4, LAN Server and Warp Server Hope you' lle find it usefull ;-)
Starsky32.
USE THIS TOOOOOOOOOOOLLLLLLLLLLLLLLLLLLLLLL
here you go...
