Difference between revisions of "Running commands on Windows machine remotely from other machine using psexec"
From Notes_Wiki
m |
m |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[Windows]] > [[Windows 7 or Vista]] > [[Running commands on Windows machine remotely from other machine using psexec]] | |||
To remotely control a Windows machine from another windows machine, we can use psexec utility. This utility allows executing commands remotely. To use psexec follow these steps: | To remotely control a Windows machine from another windows machine, we can use psexec utility. This utility allows executing commands remotely. To use psexec follow these steps: | ||
Line 21: | Line 20: | ||
Refer https://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_security/psexec-get-console-access-windows-10-problem/ad96c6db-95d7-46ab-98c8-e03efa35df5e | Refer https://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_security/psexec-get-console-access-windows-10-problem/ad96c6db-95d7-46ab-98c8-e03efa35df5e | ||
[[Main Page|Home]] > [[Windows]] > [[Windows 7 or Vista]] > [[Running commands on Windows machine remotely from other machine using psexec]] |
Latest revision as of 08:11, 6 April 2022
Home > Windows > Windows 7 or Vista > Running commands on Windows machine remotely from other machine using psexec
To remotely control a Windows machine from another windows machine, we can use psexec utility. This utility allows executing commands remotely. To use psexec follow these steps:
- Download psexec from https://technet.microsoft.com/en-us/sysinternals/pxexec.aspx?f=255&MSPPError=-2147217396 This would give a zip file which should be extracted to get many tools including psexec
- On remote computer do the following
- Disable firewall from psexec computer. This is better than disabling Windows firewall completely. To disable firewall from a given host go to Control Panel ->
- Add custom rule to allow all applications, all protocols to any local address from given remote address or subnet appropriately
- Add Windows Registry Key for Remote Authentication by starting 'regedit'
- Go to HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> Current version -> Policies -> System.
- Add REG_DWORD (32 bit) named LocalAccountTokenFilterPolicy and set its value to 1.
- From psexec computer try getting a remote cmd using:
- psexec //<remote-ip> "cmd.exe"
-
- Strangely things might work without any authentication. This is why adding exception only for a certain IP is better than disabling firewall all together.
- Example command to shutdown machine remotely is:
- psexec //<remote-ip> "cmd.exe" "/c shutdown /s"
Home > Windows > Windows 7 or Vista > Running commands on Windows machine remotely from other machine using psexec