Remote Execution without Runas or Psexec

[RogFleming]

Here is a a code snip it to allow you to run a program on a remote system as yourself. I'm working on a version which will allow you to set a scheduled task so it will work interactively with the desktop. Currently it is hidden from the desktop. You will have to look in task manager to see the process.

Dim $objWMIService, $objProcess
Dim $strShell, $objProgram, $strComputer, $strExe, $strInput
$strComputer = InputBox("ComputerName to Run Script","Computer Name")
$strExe = "notepad.exe"
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")
$objProcess = $objWMIService.Get("Win32_Process")
$objProgram = $objProcess.Methods_("Create").InParameters.SpawnInstance_
                                        $objProgram.CommandLine = $strExe

;Execute the program now at the command line.
$strShell = $objWMIService.ExecMethod( "Win32_Process", "Create", $objProgram)
MsgBox(1,"","Created: " & $strExe & " on " & $strComputer)

Edited October 25, 2010 by RogFleming

[enaiman]

Well - haven't tried it yet but I will. It looks very promising.

It will make a very nice UDF.

Thank you for sharing this

[daluu]

Thanks for sharing. I can make good use of that WMI technique to do the same in VBScript or .NET.

[Juvigy]

$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")

This line fails for me. Do i need to be logged on the remote computer?

[spudw2k]

$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\CIMV2")

This line fails for me. Do i need to be logged on the remote computer?

You shouldn't need to be logged into the remote pc.

It could fail if you don't have admin rights to the remote machine or if WMI is disabled on it.

Also be sure you can ping/reach the machine specified in the $strComputer variable.

edit:

just some additional info

http://www.autoitscript.com/forum/index.php?showtopic=44913&view=findpost&p=672678

Edited October 26, 2010 by spudw2k

[UEZ]

I'm working on a version which will allow you to set a scheduled task...

As far as I can remember you can use SCHTASKS.exe to create scheduled tasks also on remote machines.

Br,

UEZ

PS: reached 1000

Edited October 26, 2010 by UEZ

[Juvigy]

You shouldn't need to be logged into the remote pc.

It could fail if you don't have admin rights to the remote machine or if WMI is disabled on it.

Also be sure you can ping/reach the machine specified in the $strComputer variable.

edit:

just some additional info

http://www.autoitscript.com/forum/index.php?showtopic=44913&view=findpost&p=672678

I checked it all. Still doesnt work.Checked firewalls and everything. Win XP domain environment.

[spudw2k]

I checked it all. Still doesnt work.Checked firewalls and everything. Win XP domain environment.

Just for troubleshooting purposes, does it fail if you run the script locally on the box?

[RogFleming]

Updated option if the previous solution did not work for you: I found an issue if I want to execute a program on another system which needs to pass credentials to a network resource would fail. I needed to run the remote program Explicitly.

Using PsExe.exe to launch wmic.exe on a remote system to start a process on that workstation,the network credentials are preserved. FYI the "c:\DTESCAN\" directory in the command is on the remote system, You could use PsExec to copy a file to execute instead.

Also if you do not need to have credentials instead of the previous code you could do the following in you run command:

run("wmic.exe /node:"&$targethost&" "&/node:"&$strComputer&" "&"PROCESS CALL Create"&" "&"'"&$Program&"'")

Func RemoteExecutePsExec($ScanName, $strComputer,$sComputerName,$proc)
Sleep(30)
ShellExecute("c:\SysinternalsSuite\PsExec.exe","-d \\"&$strComputer&" "&"-u domain\username -p password wmic /node:"&$strComputer&" "&"PROCESS CALL Create"&" "&"'"&"c:\DTESCAN\"&$ScanName&" "&$sComputerName&" "&$Proc&"'","","Open",@SW_HIDE)
Sleep(30)
EndFunc

Edited October 30, 2010 by RogFleming