Jump to content

Remote Execution through WMI

Recommended Posts

How to open a remote computer program through WMI.

I use WMI Win32_Process remote computer can successfully open Process,But failed to open a graphical interface that only shows running in the Process.

If the remote I run Notepad, how to open it? (Non-Process mode) Like manually open Notepad as open.

I am looking for some articles, some say that Windows permissions problem.

Code :

  $Username = ""
  $Password = ""
  $Computer = ""
Func RemoteExecute($strProgToRun)

    Local $objWMIService, $objProcess, $objProgram

    $objSWbemLocator = ObjCreate("WbemScripting.SWbemLocator")

    $objWMI = $objSWbemLocator.ConnectServer($Computer, "rootcimv2", $Username, $Password)  
    $objWMI.Security_.ImpersonationLevel = 3

    $objProcess = $objWMI.Get("Win32_Process")

    $objProgram = $objProcess.Methods_("Create").InParameters.SpawnInstance_
    $objProgram.CommandLine = $strProgToRun

    $objWMI.ExecMethod("Win32_Process", "Create", $objProgram)                                       


Can be performed, but only in Process mode, can not see graphic.

Another psexec can start properly, no problem.

Edited by ericli03
Link to post
Share on other sites

you can not. this is a security consideration, and a very valid one. remote user - whoever he is, admin or not - should not be allowed to open a process running under the currently logged-on user security context. when you do a remote call, by PsExec or otherwise, it is run under the remote caller context. you are asking for code to run as if the logged-on user called it.

there are methods to override this, but the short answer is - you don't.

think what you are trying to accomplish, i'm sure you'll find a much more valid and simple way to do it. you can present your goal here, if it is legitimate you will get all the help you can get.

Link to post
Share on other sites
Thank orbs!
I wish there could open the remote computer as a way exe file in addition psexec outside ..
Tried some methods (WMI, TCP), but it seems there is only Psexec way.
There are other ways to remotely turn it? 
Link to post
Share on other sites
  • Moderators

What is the application you're trying to execute remotely, and why would you want to do so in the remote user's context rather than just instructing the user to launch it themselves?

"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...