JeffQOOQAAA

Remote install command line

18 posts in this topic

Hi All

If I want to excute command line RunWait(@ComSpec & "/C" &" \\HLKController\HLKInstall\Client\setup.cmd /qn ICFAGREE=Yes ") on client side

But only can excute autoit in server side. is possibly?

Server computer -> excute autoit -> send command  RunWait(@ComSpec & "/C" &" \\HLKController\HLKInstall\Client\setup.cmd /qn ICFAGREE=Yes ")  to Client computer excute

Share this post


Link to post
Share on other sites



Use PSExec

Share this post


Link to post
Share on other sites

Indeed, compile it and send and execute it on the computer with psexec.

Share this post


Link to post
Share on other sites

Thanks, I will try this!!

Share this post


Link to post
Share on other sites

Hi All

I've tried this tool

My client computer name is Y9106666666

But I excute psexec \\Y91066666666 cmd, it will show Couldn't access Y9106666666 Access is denied

May i know why?

Share this post


Link to post
Share on other sites

What are the results of the following?

Click Start » Run
Type:  \\Y91066666666\Admin$
Click: OK

If you get access denied (or prompted for username and password) then the user account you're using doesn't have the correct permissions to access this system, in which case you'll need to use the -u Domain\Username and -p Password options in PSExec.

Share this post


Link to post
Share on other sites

Just putting my security hat on here.  PSExec is extremely risky.  If someone modifies this code they can do literally anything to that target machine.  If the target machine has any level of anti-malware on it this most likely won't work.  Remote Execution is high on the alarm list nowadays.  So to get it to work you might have to add the source machine as a trusted source, further jeopardising the security of the remote machine.

There are commercial softwares and opensource softwares for remote installation that are secure and have authentication built-in to them.

My 2 cents.

Share this post


Link to post
Share on other sites

@weevil In my experience PSExec is really only meant for domain networks and requires a trust between the host and guest systems.  I don't use it often but when I do I just RunAs my compiled executable (without username and password in the command line) and let Windows Authentication do the rest.  We use Trend Micro Office Suite and never had issue with it being flagged as malware.

Usually for software installs we use SCCM which generally installs as the system account from a remote share, this would mean we run the same risk if we allowed users access to the remote share.

I do agree that it is a powerful tool and that you do need to be mindful of security but wouldn't consider the tool itself a security risk just how you use it.

Share this post


Link to post
Share on other sites

@Subz

True, this is also where the danger lies.  I don't want this to turn into an InfoSec discussion though :)

SCCM servers are secure, the remote shares just have software repositories.  From the sounds of OPs question this will be run from a workstation - the weakest point of any network.  Using windows authentication assumes the logged in user has install rights which is even more risky - logging into a workstation as a domain admin for day-to-day.

 

If the installing file has an msi - I suggest MSIEXEC which is a built-in tool to Windows Servers

Share this post


Link to post
Share on other sites

#10 ·  Posted

@Subz

I tried  -u Domain\Username but still got enter password information

but my client computer no setting any password to protect, why?

Share this post


Link to post
Share on other sites

#11 ·  Posted

So your Domain\Username doesn't have a password?

 

Share this post


Link to post
Share on other sites

#12 ·  Posted

yes. right. no password.....

Share this post


Link to post
Share on other sites

#13 ·  Posted

I fix it a long time ago with this reg mod on the tagret machine... open

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

add this....

LocalAccountTokenFilterPolicy

and set this value

1

reboot... and try again.

 

Share this post


Link to post
Share on other sites

#14 ·  Posted

instead of psexec, which is kind of old and unsecure.  How about remote powershell?

Invoke-Command -Computer XXXXX -ScriptBlock{CommandToRun}

Share this post


Link to post
Share on other sites

#15 ·  Posted

@ViciousXUSMC

I excute you suggest command but got fail information

 

PS C:\Users\Administrator\Desktop> Invoke-Command -ComputerName Y9106666666 -Scr
iptBlock {Get-Culture}
[Y9106666666] Connecting to remote server Y9106666666 failed with the
following error message : The WinRM client cannot process the request. If the
authentication scheme is different from Kerberos, or if the client computer is
not joined to a domain, then HTTPS transport must be used or the destination
machine must be added to the TrustedHosts configuration setting. Use winrm.cmd
to configure TrustedHosts. Note that computers in the TrustedHosts list might
not be authenticated. You can get more information about that by running the
following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (Y9106666666:String) [], PSRemotingTr
   ansportException
    + FullyQualifiedErrorId : ServerNotTrusted,PSSessionStateBroken
PS C:\Users\Administrator\Desktop>

Share this post


Link to post
Share on other sites

#16 ·  Posted

By default Windows will not allow you to logon to a system remotely with a null password, this is by design because it would be a major security risk.

In WIndows XP I used the following registry key on my kids system to remote control in, but that was a few years ago now and have no idea if it still works on later OSs.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LimitBlankPasswordUse"=dword:00000000

Share this post


Link to post
Share on other sites

#17 ·  Posted

You must have remote powershell enabled on the computer, this is an administrative task.

The easy way is to run powershell on the computer you want remote services for and use the  Enable-PSRemoting  Command.

 

If your on a domain, enable it via Group Policy

Share this post


Link to post
Share on other sites

#18 ·  Posted

 @ViciousXUSMC

Still got fail message....

PS C:\Users\Administrator\Desktop> Invoke-Command -ComputerName Y9106666666 -Scr
iptBlock {Get-Culture}
[Y9106666666] Connecting to remote server Y9106666666 failed with the
following error message : The WinRM client cannot process the request. If the
authentication scheme is different from Kerberos, or if the client computer is
not joined to a domain, then HTTPS transport must be used or the destination
machine must be added to the TrustedHosts configuration setting. Use winrm.cmd
to configure TrustedHosts. Note that computers in the TrustedHosts list might
not be authenticated. You can get more information about that by running the
following command: winrm help config. For more information, see the
about_Remote_Troubleshooting Help topic.
    + CategoryInfo          : OpenError: (Y9106666666:String) [], PSRemotingTr
   ansportException
    + FullyQualifiedErrorId : ServerNotTrusted,PSSessionStateBroken
PS C:\Users\Administrator\Desktop>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now