Jump to content
Sign in to follow this  
sbonacina

[SOLVED] Capturing psexec output running "reg" on a remote machine

Recommended Posts

sbonacina

Dear fellows

I searched through the forum about this issue, tested all the suggestions I found but none helped me.

Issue: in a company environment, with many client PCs, I need to read the remote registry of those PCs to ensure some keys have not been manipulated. For security reasons, access to remote registry has been disabled, WMI too. Thus, I need to use psexec, but I cannot get in any way the remote reg command output.

Here's the code I'm using:

local  $cmdOUT

$PID=Run("psexec \\win7ultimate -u username -p password  -accepteula  reg query ""HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"" /v Userinit ", "",@SW_MINIMIZE, 0x2)
ProcessWait($PID)

While 1

    $line = StdoutRead($PID)

    If @error = -1 Then ExitLoop

    $cmdOUT &= $line

Wend

ConsoleWrite($cmdOUT)

The only output written on console is:

PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com

Connecting to win7ultimate...


Starting PSEXESVC service on win7ultimate...


Connecting with PsExec service on win7ultimate...


Starting reg on win7ultimate...



reg exited on win7ultimate with error code 0.

Needless to say, the same command run on a command prompt gives a correct output containing the remote key.

I also tried with stderr, but the output is the same as stdout.

What am I doing wrong?

Any help will be appreciated

Thanks for your attention

stefano

 

Edited by sbonacina

Share this post


Link to post
Share on other sites
jguinch

Try with both $STDOUT_CHILD and $STDERR_CHILD in your Run command.

Edit : you can also use RegRead to retrieve a value remotly, or WMI to specify a username and password.

Edited by jguinch

Share this post


Link to post
Share on other sites
BrewManNH

PSExec is the issue, it isn't using the StdOut to display it's text in the console window. It's a known issue with it. The only way to get it to give you the StdOut text is to run another file script or batch file, on the remote computer using PSExec and get the output from THAT instead of PSExec. You can redirect the output to a text file and open the text file to read the results.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites
sbonacina

Thanks everybody.

I followed BrewManNH suggestion and wrote a separate .BAT file containing the reg query

Then I put psexec in my autoit script to run the bat file, and then to retrieve the file written in the remote system.

Problem solved!

 

Edited by sbonacina

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×