/build/static/layout/Breadcrumb_cap_w.png

KACE: PSTools/PSexec Common Commands

Summary: PSTools is available from Microsoft.  PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems.

 

  1. Download PSTolls/PSexec from Microsoft.
  2. Extract to a folder.
  3. Open cmd prompt and change to that folder with the psexec executable.
  4. Run psexec -accepteula -i -s \\computername -u username cmd -accepteula

 

-i  Runs it interactively, and -s runs it as the SYSTEM user account. Theses are not needed, so you can use them if you want.  This will run a cmd prompt on your system from their system. Just like you're at their system running command prompt, but they can't see anything. 

From here, you can do things like:

DNS testing (ping -a, nslookup, etc. )

Network testing (telnet to port 52230 to check kbox connectivity, etc.)

See what processes are running (tasklist)

See what services are running (sc query state= all | findstr "DISPLAY_NAME STATE") (C:\> SC query messenger | FIND "STATE" | FIND "STOPPED") or you can run just sc query, but it gives you a lot more information.

Kill processes (taskkill /IM kboxclient.exe, kinstallersetup.exe, etc)

Start/Stop services (net start kboxsmmp, net stop kboxsmmp)

Run silent installs of programs (kinstallersetup.exe -server=kbox -display_mode=silent)

Map a drive (net use x: \\servername\sharename)

 These can all be useful tools when having to troubleshoot a remote system where the end user is using the system.

 psexec \\marklap cmd

This command executes IpConfig on the remote system with the /all switch, and displays the resulting output locally:

psexec \\marklap ipconfig /all

This command copies the program test.exe to the remote system and executes it interactively:

psexec \\marklap -c test.exe

Specify the full path to a program that is already installed on a remote system if its not on the system's path:

psexec \\marklap c:\bin\test.exe

Run Regedit interactively in the System account to view the contents of the SAM and SECURITY keys::

psexec -i -d -s c:\windows\regedit.exe

To run Internet Explorer as with limited-user privileges use this command:

psexec -l -d "c:\program files\internet explorer\iexplore.exe"

 

Posted 12 years ago 10079 views

Comments

This post is locked

Posted by:

KACE_Mary Red Belt
Ninja since: 12 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login
Blog

View More Blogs from KACE_Mary

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ