Jump to content
Sign in to follow this  
parrishjason

Spawning Interactive Shell with AutoIT [over psexec?]

Recommended Posts

I am trying to spawn a cmd.exe shell on a remote machine using psexec then proceed to running commands on that machine and reading the output. I.e. running pwd. 

Unfortunately, the code I have now will just immediately exit cmd on the remote system 

I'm trying to use the current code

#include <Constants.au3>
$pid = Run('C:\Users\test\Desktop\psexec.exe \\192.168.1.123 -u test -p "P@$$word1" -h -s cmd',@SystemDir, @SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD)
StdinWrite($pid,"pwd")
StdinWrite($pid,@CRLF)
Local $data
Sleep(2000)
$data &= StdoutRead($pid)
ConsoleWrite("Debug:" & $data & @LF)
StdinWrite($pid,"cd ")
StdinWrite($pid,"C:\users\test2")
StdinWrite($pid,@CRLF)
StdinWrite($pid)
$data &= StdoutRead($pid)
ConsoleWrite("Debug:" & $data & @LF)

http://stackoverflow.com/questions/19206834/command-prompt-and-autoit-stdinwrite <- credits to this stack overflow post

Unfortunately, on my end, my cmd just starts/stops with this prompt
 

Connecting with PsExec service on 192.1.123...Starting cmd on 192.168.1.123...
cmd exited on 192.168.1.123 with error code 0.

Any ideas how I can keep my shell open over psexec and still interact with it using AutoIT?

Any feed back would be amazing! Thanks!

Share this post


Link to post
Share on other sites

You probably can't, you'd need to run the commands on the target machine directly and not remotely.


If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.
Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag Gude
How to ask questions the smart way!

I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from.

Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays.  -  ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script.  -  Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label.  -  _FileGetProperty - Retrieve the properties of a file  -  SciTE Toolbar - A toolbar demo for use with the SciTE editor  -  GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI.  -   Latin Square password generator

Share this post


Link to post
Share on other sites

Can't you use a batch file to trigger all the commands using psexec instead of keeping it open on remote machine and sending one by one.

If you want to track the execution, you can create a log file there and copy to your machine at the end.

Share this post


Link to post
Share on other sites
On 8/17/2016 at 9:39 AM, ur said:

Can't you use a batch file to trigger all the commands using psexec instead of keeping it open on remote machine and sending one by one.

If you want to track the execution, you can create a log file there and copy to your machine at the end.

No.  The issue that is being described is one that has been experienced by many others:

https://forum.sysinternals.com/psexec-always-hangs-when-run-from-java_topic5013.html

However, PAexec, a command line application that is essentially a clone of psexec, might give you more luck.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By nacerbaaziz
      hello autoit team
      please i need your help today
      am trying to make the list of features in list view and control it
      am using the dism command line to read output
      i've made the code
      but i found some problems
      what i need is the list of features in 2d array
      $array[$n][0]= name $array[$i][1] = state
      when i tested the code
      it give me some results that i don't need to it e.g
      ------ ------  | --------
      or
      name       | state
      i need just the list of features and there state
      please help me to do that
      here is my example
      #RequireAdmin #NoTrayIcon #include <AutoItConstants.au3> Wow64EnableWow64FsRedirection(false) _Windows_Get_Features() func _Windows_Get_Features() local $a_FeaturesArray[1][2] $a_FeaturesArray[0][0] local $i_Dism_Run = Run("DISM /online /english /get-features /format:table", "", @sw_hide, BitOR($STDERR_CHILD, $STDOUT_CHILD)) local $s_OutputDism = "", $a_OutPutDism While 1 $s_OutputDism = StdoutRead($i_Dism_Run) If @error Then exitLoop if ($s_OutputDism = "") or (StringRegExp($s_OutputDism, "^((\-){1,})?(?:\s)\|?(?:\s)((\-){1,})$", 0) = 1) then ContinueLoop if (StringRegExp($s_OutputDism, "((([\s\d\-\+\_\,]{1})\|([\s\d\-\+\_\,]{1})){1,})", 0) = 1) then $a_OutPutDism = StringSplit($s_OutputDism, @lf) for $i = 1 to $a_OutPutDism[0] if msgBox(1, $i, $a_OutPutDism[$i]) = 1 then exitLoop next endIf Wend endFunc func Wow64EnableWow64FsRedirection($b_Enabled) local $h_OpenFS = DLLOpen("kernel32.dll") local $Return = DllCall($h_OpenFS, "boolean", "Wow64EnableWow64FsRedirection", "boolean", $b_Enabled) if @error then DLLClose($h_OpenFS) Return SetError(@error, @extended, -1) else DLLClose($h_OpenFS) Return $Return[0] endIf endFunc  
    • By cruisepandey
      Hi There ! 
      I have a script here : 
       
      ;Launch CMD
      Run("C:\Windows\System32\cmd.exe")
      sleep(2000)
      $cmdHandle = WinActivate("C:\Windows\System32\cmd.exe")
      Sleep(2000)
      ;Sending document
      ControlSend($cmdHandle, "", "", "ftp" & @CRLF)
      ControlSend($cmdHandle, "", "", "open" & @CRLF)
      Sleep(2000)
      ControlSend($cmdHandle, "", "", "first command" & @CRLF)
      Sleep(2000)
      ControlSend($cmdHandle, "", "", "second-coomand" & @CRLF)
       
      first-command and second-command I can't provide cause it's internal. I have complied this .au3 file into an exe and it does the work. But I need to invoke this with Java. Java code I have tried is : 
       
          ProcessBuilder pb = new ProcessBuilder("C:\\Users\\username\\eclipse-workspace\\Examples\\src\\com\\own\\examples\\etc.exe");
          pb.start();
          Thread.sleep(5000);
       
      Through java it just launches the cmd and nothing happens after that. Please help !!
    • By Chimp
      I'm trying to drive a command prompt by sending instructions via a NamedPipe.
      This way you can (should) be able to send commands to the command prompt and at the same time "view" the result in the same window.
      This is not allowed if you run a command prompt with "opt_flag" parameters (redirected streams) because this will disable StdOut on the cmd itself.
      This small (trivial) snippet works for the first command sent to the cmd, but further submissions will fail.
      Maybe the problem is in how I use the run () command to start a new cmd with the StdIn redirect from the NamedPipe. It seems that the generated cmd will close automatically after the first reception of the command via NamedPipe.
      suggestions on how to make it work are welcome
      thanks
      #include <NamedPipes.au3> #include <WinAPI.au3> ; Creates an instance of a named pipe Global $sPipeName = "\\.\pipe\pipename" Global $hPipe = _NamedPipes_CreateNamedPipe($sPipeName, 1, 1) MsgBox(0, "Debug", "Pipe created. Now open a CMD") ; run a cmd with only StdIn redirected (StdIn data incoming from a pipe) Global $hCMD = Run(@ComSpec & " /K cmd < " & $sPipeName & @CRLF, "c:\") ; ok? MsgBox(0, "Debug", "now Send a command to the cmd via a NamedPipe") _StdInPipeWrite("dir" & @CRLF) MsgBox(0, 'Debug', "further commands will fail" & @CRLF & "now send command 'dir c:\windows'") $sMessage = "Dir c:\windows" & @CRLF _StdInPipeWrite($sMessage) MsgBox(0, 'Debug', "send another command (will also fail)" & @CRLF & "now send command 'echo Hello'") _StdInPipeWrite("echo Hello" & @CRLF) MsgBox(0, "Debug", "end of test") ProcessClose($hCMD) Func _StdInPipeWrite($sMessage) ; =============================================================================================================================== ; This function writes a message to the pipe ; =============================================================================================================================== Local $iWritten, $iBuffer, $pBuffer, $tBuffer $iBuffer = StringLen($sMessage) + 1 $tBuffer = DllStructCreate("char Text[" & $iBuffer & "]") $pBuffer = DllStructGetPtr($tBuffer) DllStructSetData($tBuffer, "Text", $sMessage) If Not _WinAPI_WriteFile( _ $hPipe, _ ; ...... Handle to the file to be written $pBuffer, _ ; .... Pointer to the buffer containing the data to be written $iBuffer, _ ; .... Number of bytes to be written to the file $iWritten, _ ; ... The number of bytes written 0 _ ; ............ [optional] A $tagOVERLAPPED structure or a pointer to it ) Then ConsoleWrite("WriteMsg: _WinAPI_WriteFile failed" & @CRLF & _WinAPI_GetLastErrorMessage()) Else ConsoleWrite("WriteMsg: write OK" & @CRLF & _WinAPI_GetLastErrorMessage() & @CRLF) EndIf EndFunc ;==>_StdInPipeWrite  
    • By nacerbaaziz
      question about _WinAPI_CreateWindowEx
      good morning
      welcome autoit team
      please i need your help
      i've searched a lot about how to use the _WinAPI_CreateWindowEx
      finally i found an example
      but i found some problem i hope you can help me
      firstly, i want to set the controls focussable with the keyboard input
      i already used the ws_tabStop but it did not work with me.
      secondly, i want to set some access keys linked with the window
      such as control+o enable the open button and control+f4 exit the app
      note: i need a local access keys and not a global hotkeys
      such as GUISetAccelerators
      finaly, before i will put the code here i must clarify a few things.
      1. you will ask me why you don't use the GUICreate function
      here i'll tell you that it as dialog and It is a little heavy in motion with screen readers.
      the screen readers for blind has some function that work with dialogs and others work with full windows style
      2. you will ask me why you didn't search the net for that?
      i will tell you that all examples that i found in the internet with pdfs and Picture books.
      i found some examples in microsoft but it with cpp.
      ok here is the code
      i hope you can help me to do what i want
      thank you in advance
       
      ; Small AutoIt Application that uses Windows API ; Written by Yuraj #NoTrayIcon #include <_RegisterClassEx.au3> #include <WinAPI.au3> #include <WindowsConstants.au3> #include <ButtonConstants.au3> #include <EditConstants.au3> #include <FontConstants.au3> AutoItSetOption("MustDeclareVars", 1) ; Window definitions Const $WinWidth = 370 Const $WinHeight = 350 Const $WinXPos = (@DesktopWidth / 2) - ($WinWidth / 2) Const $WinYPos = (@DesktopHeight / 2) - ($WinHeight / 2) Const $WinTitle = "Win32 Application - Text reader" Const $WinClass = "mainapp" Const $WinIcon = _WinAPI_LoadIcon(_WinAPI_GetModuleHandle("shell32.dll"), 13) ; Windows handles Global $hwnd, $edit1, $btn1, $btn2 ; Fonts Global $fnt1 ; Register class, Create the window Local $retVal = __WinAPI_RegisterClassEx($WinClass, "WindowCallback", $WinIcon, 0, _WinAPI_GetSysColor($COLOR_BTNFACE), BitOR($CS_DEFAULTSTYLE, $CS_DROPSHADOW)) ; If $retVal == 0 Then ; If registerclass fails MsgBox(16, "Error", "Error while registering window class!") Exit EndIf ; Create windows/controls $hwnd = _WinAPI_CreateWindowEx($WS_EX_STATICEDGE, $WinClass, $WinTitle, BitOR($WS_OVERLAPPED,$WS_SYSMENU, $WS_MINIMIZEBOX, $WS_GROUP, $WS_DLGFRAME), $WinXPos, $WinYPos, $WinWidth, $WinHeight, 0) $btn1 = _WinAPI_CreateWindowEx(0, "button", "Open file ...", BitOR($WS_VISIBLE, $WS_CHILD, $WS_TABSTOP, $WS_CLIPCHILDREN), 25, 270, 100, 30,$hwnd) $btn2 = _WinAPI_CreateWindowEx(0, "Button", "Exit", BitOR($WS_VISIBLE, $WS_CHILD, $WS_TABSTOP, $WS_CLIPCHILDREN), 235, 270, 100, 30, $hwnd) $edit1 = _WinAPI_CreateWindowEx(0, "edit", "text", BitOR($WS_VISIBLE, $WS_CHILD, $WS_VSCROLL, $ES_AUTOVSCROLL, $es_readOnly, $WS_TABSTOP), 5, 5, $WinWidth - 15, $WinHeight - 100, $hwnd) ; Set controls identifiers _WinAPI_SetWindowLong($btn1,$GWL_ID,150) _WinAPI_SetWindowLong($btn2,$GWL_ID,160) ; Set (controls) fonts $fnt1 = _CreateFont("MS Sans Serif", 15) _WinAPI_SetFont($btn1, $fnt1) _WinAPI_SetFont($btn2, $fnt1) _WinAPI_SetFont($edit1, $fnt1) ; Set focus to edit _WinAPI_SetFocus($edit1) ; Show window _WinAPI_ShowWindow($hwnd) _WinAPI_UpdateWindow($hwnd) ; Main loop that keep application opened While 1 Sleep(100) WEnd ;=================================================================; ; WINDOW CALLBACK ... ;=================================================================; Func WindowCallback($_hwnd, $iMsg, $wParam, $lParam) Local $iNC, $iID Switch $iMsg ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Case $WM_CLOSE ; Show message on closing If MsgBox(48 + 4, $WinTitle, "Do you want really exit?", 0, $hwnd) <> 6 Then Return 0 ; Call destructor and then exit main thread FinalizeApp() Exit ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; Case $WM_COMMAND $iNC = _WinAPI_HiWord($wParam) $iID = _WinAPI_LoWord($lParam) Switch $iNC Case $BN_CLICKED ; When is control clicked Switch _WinAPI_GetDlgCtrlID($iID) Case _WinAPI_GetDlgCtrlID($btn1) BtnOpenFileClick() Case _WinAPI_GetDlgCtrlID($btn2) BtnExitClick() EndSwitch EndSwitch ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; EndSwitch Return _WinAPI_DefWindowProc($_hwnd, $iMsg, $wParam, $lParam) EndFunc ;==>WindowCallback Func FinalizeApp() _WinAPI_DeleteObject($fnt1) _WinAPI_DestroyWindow($hwnd) __WinAPI_UnregisterClass($WinClass) EndFunc ;==>FinalizeApp Func _CreateFont($fontName, $height = 16, $style = $FW_NORMAL, $italic = False, $underline = False, $strikeout = False) Local $hFont = _WinAPI_CreateFont($height, 0, 0, 0, $style, $italic, $underline, $strikeout, $DEFAULT_CHARSET, _ $OUT_DEFAULT_PRECIS, $CLIP_DEFAULT_PRECIS, $DEFAULT_QUALITY, $DEFAULT_PITCH, $fontName) Return $hFont EndFunc ;==>_CreateFont ;=================================================================; ; WINDOW EVENTS ;=================================================================; Func BtnOpenFileClick() Local $ret = _WinAPI_GetOpenFileName("", "Text files (*.txt)|All files (*.*)", ".", "", "", 1, 0, 0, $hwnd) If ($ret[0] > 0) Then Local $path = $ret[1] & "\" & $ret[2] Local $file = _WinAPI_CreateFile($path, 2, 2) Local $buf = DllStructCreate("byte[" & _WinAPI_GetFileSizeEx($file) & "]") Local $i = 0 _WinAPI_ReadFile($file, DllStructGetPtr($buf), _WinAPI_GetFileSizeEx($file), $i) ; Close file handle _WinAPI_CloseHandle($file) _WinAPI_SetWindowText($edit1, BinaryToString(DllStructGetData($buf, 1))) EndIf EndFunc ;==>BtnOpenFileClick Func BtnExitClick() FinalizeApp() Exit EndFunc ;==>BtnExitClick  
      _RegisterClassEx.au3
    • By 31290
      Hi everyone, 
      Hope you are doing fine by the time being :/
      Well, seems that I'm running into an issue while trying to add an Active domain security group to a remote computer that has a space in it.
      I've been searching for quite a while now and seems that my search did not get well. 

      The ideal solution for me would be to use Psexec.exe as I can run it with my admin credentials whereas using WMIServices, I don't know how to launch that with these credentials.
      Here's what I wrote so far:
      $sADGroupName as a space in it and there's nothing I can do about, we have to respect a naming convention but it would be "Admins REMOTEMACHINENAME"
      Func f_AddADGroup2localAdmin() SplashTextOn("", "Adding " & $sADGroupName & " to the Local Administrators Group.", 1000, 100, -1, -1, 33, -1, -1, 700) $sCommand = $sResources & 'PsExec -accepteula \\' & $sServName & ' net localgroup Administrators MYDOMAIN\"' & $sADGroupName & '" /add' RunAsWait($sTechGID, "MYDOMAIN", $sTechPWD, 4, $sCommand, @SW_SHOW) SplashOff() ; f_MoveADObject() End Func What is weird is when I output the $sCommand variable, the space is in here but it seems not to be passed in my psexec command when I run it.
      Another thing I saw is that 4 times out of 10, psexec does not even launch.
      So I was also wondering if there could be another way to add the "spaced" group with my admin credentials on a remote server other than psexec.
      Thanks all in advance for the lights you may provide to me and keep safe!
      -31290-
       
       
       
       
×
×
  • Create New...