Jump to content
31290

Net Local group with Space Name Psexec

Recommended Posts

Hi everyone, 

Hope you are doing fine by the time being :/

Well, seems that I'm running into an issue while trying to add an Active domain security group to a remote computer that has a space in it.
I've been searching for quite a while now and seems that my search did not get well. 

The ideal solution for me would be to use Psexec.exe as I can run it with my admin credentials whereas using WMIServices, I don't know how to launch that with these credentials.

Here's what I wrote so far:

$sADGroupName as a space in it and there's nothing I can do about, we have to respect a naming convention but it would be "Admins REMOTEMACHINENAME"

Func f_AddADGroup2localAdmin()
    SplashTextOn("", "Adding " & $sADGroupName & " to the Local Administrators Group.", 1000, 100, -1, -1,  33, -1, -1, 700)
    $sCommand = $sResources & 'PsExec -accepteula \\' & $sServName & ' net localgroup Administrators MYDOMAIN\"' & $sADGroupName & '" /add'
    RunAsWait($sTechGID, "MYDOMAIN", $sTechPWD, 4, $sCommand, @SW_SHOW)
    SplashOff()
    ; f_MoveADObject()
End Func

What is weird is when I output the $sCommand variable, the space is in here but it seems not to be passed in my psexec command when I run it.

Another thing I saw is that 4 times out of 10, psexec does not even launch.

So I was also wondering if there could be another way to add the "spaced" group with my admin credentials on a remote server other than psexec.

Thanks all in advance for the lights you may provide to me and keep safe!

-31290-

 

 

 

 


~~~ Doom Shall Never Die, Only The Players ~~~

Share this post


Link to post
Share on other sites

My goodness, you were right... That was the thing. 

I probably stayed too much looking at this line and to be honest, I'm not the best at this :)

Thank you Sir. Please keep safe! 


~~~ Doom Shall Never Die, Only The Players ~~~

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By bmy007ro
      I have this psexec command working fine 
      Local $sMachine = InputBox("Input PC name", "Enter Computer Name")
      psexec \\$sMachine -u $sDomain\$sUserName -p $sPassword  \\NetworkFLD\FILENAME.cmd > C:\Temp\TT\My.log
       
      I wanted to converted to AutoIT script
      Cloud you help, please !?
       
    • By Duck
      I'm attempting to capture the output from the command line tool PSEXEC. I'm using AutoIT to run an instance of PSEXEC against a remote PC to audit Local Admins in my environment using net.exe (C:\Windows\System32> net localgroup administrators). However the usual trick I use to capture command line output does not appear to work well with PSEXEC, as the bottom portion of the output is missing from the return. Any ideas or recommendations are greatly appreciated.  
       
      Here is what I'm working with: 
      ;This script will read from a list of hosts and report who has local admin privileges on the machine #RequireAdmin Global $fileName = @ScriptDir & '\test.txt' ;hostlist, one host per line readHostList() ;Read list of hosts Func readHostList() Local $file = FileOpen($fileName, 0) While 1 $line = FileReadLine($file) If @error = -1 Then ExitLoop ConsoleWrite($line & @CRLF) ;MsgBox(0,0,$line) getLocalAdmins($line) WEnd FileClose($file) EndFunc ;run PSEXEC to list local admins Func getLocalAdmins($remotePC) Local $testFile = @ScriptDir &'\test234.txt' FileOpen($testFile, 1) Local $psexec = 'psexec \\' & $remotePC & ' net localgroup administrators' FileWriteLine($testFile, _RunCmd($psexec) ) FileClose($testFile) EndFunc ;Used to return CLI output Func _RunCmd($sCommand) Local $nPid = Run(@Comspec & " /c" & $sCommand, @SystemDir, @SW_Hide, 8), $sRet = "" If @Error then Return "ERROR:" & @ERROR ProcessWait($nPid) While 1 $sRet &= StdoutRead($nPID) If @error Or (Not ProcessExists ($nPid)) Then ExitLoop WEnd Return $sRet EndFunc  
      ## If i manually run the command on the remote PC via PSEXEC I will get the following output: 
      PsExec v2.11 - Execute processes remotely
      Copyright (C) 2001-2014 Mark Russinovich
      Sysinternals - www.sysinternals.com
      Starting net on PCNAME... on PCNAME...
      net exited on PCNAME with error code 0.
      -------------------------------------------------------------------------------
      admin
      Administrator
      Alias name     administrators
      Domain\Domain Admins
      Comment        Administrators have complete and unrestricted access to the computer/domain
      Members
      The command completed successfully.
       
      ## The returned output from running the above script is as follows:
      PsExec v2.11 - Execute processes remotely
      Copyright (C) 2001-2014 Mark Russinovich
      Sysinternals - www.sysinternals.com
      Alias name     administrators
      Connecting to PCNAME...
      Starting PSEXESVC service on PCNAME...
      Connecting with PsExec service on PCName...
      Starting net on PCNAME..
      net exited on PCNAME with error code 0.
       
      **Note to test this script PSEXEC must be in the system dir or the path in the script changed 
      PSEXEC tool: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
    • By Qwerty212
      Hello from Barcelona.
       
      I'm working in a script that fills some pdf files with some strings of text. The main problem that I have is that the last and updated version of these files is in the server of our company.
      As some old files might get an update, I do always need to get the latest version of the files (just one single pdf for every time that the script is executed.
      I've been reading and surfing int he forum for examples for this kind of remote file copying, but none of them has worked for me.
      I know that I can acces to the server because thanks to one of those examples I can connect in a RDP conecction.
      The RDP connection script is this one:
      #include <GUIConstants.au3> #include <WindowsConstants.au3> #include <FileConstants.au3> #include <MsgBoxConstants.au3> #include <WinAPIFiles.au3> #include <AutoItConstants.au3> $oRDP = ObjCreate("MsTscAx.MsTscAx") $gui = GUICreate("RDP", 800, 800, 0, -1, $WS_OVERLAPPEDWINDOW + $WS_VISIBLE + $WS_CLIPSIBLINGS) GUISetState(@SW_HIDE, $gui) $GUIActiveX = GUICtrlCreateObj($oRDP, 0, 0, 800, 800) GUICtrlSetStyle($GUIActiveX, $WS_VISIBLE) GUICtrlSetResizing($GUIActiveX, $GUI_DOCKAUTO) GUISetState() $oRDP.Server = "192.168.20.61" ;NetBIOS, DNS oder IP des Gerätes $oRDP.Domain = "FILESERVER" ;Anmeldedomäne (Rechnername oder NetBIOS Domänenname) $oRDP.UserName = "companyname1\user" ; Benutzername $oRDP.AdvancedSettings2.ClearTextPassword = "XXXXX-XXXXX-XXXXX" ; das Passwort dazu $oRDP.FullScreen = False ; Vollbild ja/nein - hat nichts mit der Auflösung zu tun $oRDP.AdvancedSettings2.RedirectDrives = True ; Sollen die Laufwerke mitgenommen werden $oRDP.AdvancedSettings2.RedirectPrinters = False ; Sollen die Drucker mitgenommen werden $oRDP.AdvancedSettings2.RedirectPorts = False ; Ports wie LPT1 etc $oRDP.AdvancedSettings2.RedirectSmartCards = False ; SmartCards für Authentifizierung $oRDP.ConnectingText = "Conectando ...." ; Text der erscheint bevor das Bild des Servers erscheint ; Nachfolgende Zeilen von eigenen Test's - ich musste mal das mit den "AdvancedSettings2" 3 4 etc. ausklingeln $oRDP.AdvancedSettings2.EnableAutoReconnect = True $oRDP.AdvancedSettings2.allowBackgroundInput = True $oRDP.AdvancedSettings2.ConnectionBarShowRestoreButton = True $oRDP.AdvancedSettings5.AudioRedirectionMode = 0 $oRDP.Connect() ObjEvent($oRDP, 'rdpevent_') Func rdpevent_OnLoginComplete() ConsoleWrite('loging complete' & @CRLF) ; copy() EndFunc ;==>rdpevent_OnLoginComplete Func copiar() $remoteclient = "192.168.20.61" $Domain = "FILESERVER" $Username = "companyname1\user" $Password = "XXXXX-XXXXX-XXXXX" ; Map X drive to \\myserver\stuff using current user ;DriveMapAdd("X:", "\\myserver\stuff") ;RunAsWait("companyname1\user","FILESERVER","XXXXX-XXXXX-XXXXX", 0, @ComSpec & ' /c ' & 'copy "\\192.168.20.61\X$\a.txt, "C:\Users\Mantenimiento\Desktop\"', "", @SW_HIDE) ; Map X drive to \\myserver2\stuff2 using the user "jon" from "domainx" with password "tickle" DriveMapAdd("X:", "A:", 0, "companyname1\user", "XXXXX-XXXXX-XXXXX") ConsoleWrite("error " & @error) EndFunc ;==>copiar While 1 $msg = GUIGetMsg() Select Case $msg = $GUI_EVENT_CLOSE ExitLoop EndSelect WEnd GUIDelete() Exit ;==> Doing this I get this GUI with the Remote Computer:

      The folder with the pdf files is the one marked.
      Looking at the remote computer hard disk drives folder I get this:

      The hdd where the pdf files are is a Network location. I don't know if this is a problem to get the files copied from the remote computer to the local one. I have zero knowledge about networks.
      Any idea or help would be really apreciatted.
    • By ur
      I have enabled admin sharing in the remote machine so that I can copy files to the remote machine use PSEXEC to execute our application remotely.
        Now, if the machine is poweredoff we need to poweriton. So I checked whether the remote machine, it is of both VirtualBox or VMWare one. For VirtualBox or VMware, I have found command line utities to poweron.   But to autologon by skipping the login screen.Can anyone suggest how to do the same.If it is a physical machine, then there is no need to poweron but autologon is required.   I am trying for windows machines.Win 7 at present.   For VirtualBox I checked below link with help og guestadditions but not working. http://www.virtualbox.org/manual/ch09.html#autologon   The below procedure will save the password in that machine and it will logon automatically.   http://www.howtogeek.com/112919/how-to-make-your-windows-8-computer-logon-automatically/   But it will give access to everyne.But my opinion is he should access only if have credentias.I mean through any commandline from another machine he should trigger logon also by passing credentials.     Similarly this also   http://www.cnet.com/how-to/automatically-log-in-to-your-windows-10-pc/   http://superuser.com/questions/28647/how-do-i-enable-automatic-logon-in-windows-7-when-im-on-a-domain   http://pcsupport.about.com/od/windows7/ht/auto-logon-windows-7.htm   http://www.computerperformance.co.uk/windows7/windows7_auto_logon.htm   https://technet.microsoft.com/en-us/magazine/ee872306.aspx   Please guide me how to proceed.
    • By parrishjason
      I am trying to spawn a cmd.exe shell on a remote machine using psexec then proceed to running commands on that machine and reading the output. I.e. running pwd. 

      Unfortunately, the code I have now will just immediately exit cmd on the remote system 
      I'm trying to use the current code
      #include <Constants.au3> $pid = Run('C:\Users\test\Desktop\psexec.exe \\192.168.1.123 -u test -p "P@$$word1" -h -s cmd',@SystemDir, @SW_HIDE, $STDIN_CHILD + $STDOUT_CHILD) StdinWrite($pid,"pwd") StdinWrite($pid,@CRLF) Local $data Sleep(2000) $data &= StdoutRead($pid) ConsoleWrite("Debug:" & $data & @LF) StdinWrite($pid,"cd ") StdinWrite($pid,"C:\users\test2") StdinWrite($pid,@CRLF) StdinWrite($pid) $data &= StdoutRead($pid) ConsoleWrite("Debug:" & $data & @LF) http://stackoverflow.com/questions/19206834/command-prompt-and-autoit-stdinwrite <- credits to this stack overflow post
      Unfortunately, on my end, my cmd just starts/stops with this prompt
       
      Connecting with PsExec service on 192.1.123...Starting cmd on 192.168.1.123... cmd exited on 192.168.1.123 with error code 0. Any ideas how I can keep my shell open over psexec and still interact with it using AutoIT?

      Any feed back would be amazing! Thanks!
×
×
  • Create New...