[Samba] Remote Command Execution using jarapac,jcifs.etc.

Pothuri Vijay Varma varma.iitb at gmail.com
Tue Dec 20 09:36:35 GMT 2005 

Hi,

I need to install windows services remotely from linux. Given that the
windows server is running with minimum credentials. On reading hte previous
mails, I found that it is possible using jarapac, midlc, jcifs etc.

So I started with jcifs. I am able to transfer a file(service) from linux to
windows using jcifs API. Now I want to start that service. First I tried
with installing midlc compiler. But it's giving the error. I have installed
libmba, but it's not installing library files in "/usr/local/lib" and
installing header files in "/usr/local/lib". And when I try to install
midlc, I'm getting following error.

gcc -Wall -W -g -O2 -DMSGNO -D_XOPEN_SOURCE=500
-D_DATADIR=\"/usr/local/share/mi
dlc\" src/emit_stub_samba.o src/emit_hdr_c.o src/emit_svr_stub_c.o
src/emit_svr_
dec_c.o src/emit_svr_enc_c.o src/emit_enc_java.o src/emit_dec_java.o
src/emit_st
ub_java.o src/preproc.o src/parse.o src/sym.o src/tok.o -lmba -o midlc
src/midlc.c
src/midlc.c: In function `main':
src/midlc.c:394: warning: implicit declaration of function `MSG'
/usr/bin/ld: cannot find -lmba
collect2: ld returned 1 exit status
make: *** [midlc] Error 1

And I read Michael Melham mails, so I started with svcctl.java and
TestCntrl.java. I compiled both the files successfully. And I am trying to
execute TestCntrl using following command.

"java -classpath
jarapac.jar:ncacn_np.jar:ntlm-security.jar:lib/jcifs-1.1.2.jar:. TestCntrl
229.227.153.158 example.properties"

I am getting following error.

: retval00000000-0000-0000-0000-000000000000
00000: B2 97 68 01 11 00 00 00 00 00 00 00 11 00 00 00  |².h.............|
00010: 5C 00 5C 00 31 00 32 00 39 00 2E 00 32 00 32 00  |\.\.1.2.9...2.2.|
00020: 37 00 2E 00 31 00 35 00 33 00 2E 00 35 00 38 00  |7...1.5.3...5.8.|
00030: 00 00 00 00 00 00 00 00 3F 00 0F 00              |........?...    |

Exception in thread "main" jcifs.smb.SmbException: No process is on the
other end of the pipe.
        at jcifs.smb.SmbTransport.sendTransaction(SmbTransport.java:869)
        at jcifs.smb.SmbSession.sendTransaction(SmbSession.java:219)
        at jcifs.smb.SmbTree.sendTransaction(SmbTree.java:74)
        at jcifs.smb.SmbFile.sendTransaction(SmbFile.java:688)
        at jcifs.smb.TransactNamedPipeOutputStream.write(
TransactNamedPipeOutputStream.java:65)
        at jcifs.smb.RpcTransport.send(RpcTransport.java:107)
        at rpc.DefaultConnection.transmitFragment(DefaultConnection.java
:107)
        at rpc.DefaultConnection.transmit(DefaultConnection.java:57)
        at rpc.ConnectionOrientedEndpoint.send(
ConnectionOrientedEndpoint.java:140)
        at rpc.ConnectionOrientedEndpoint.call(
ConnectionOrientedEndpoint.java:86)
        at rpc.Stub.call(Stub.java:113)
        at TestCntrl.doOpenSCManagerW(TestCntrl.java:28)
        at TestCntrl.main(TestCntrl.java:61)

Seems login is successfull, if I change login, then it's giving wrong
username/password.

Any help would be much appreciated.


Thanks in Advance,
Varma

More information about the samba mailing list