[jcifs] Re: Remote command Execution?
pombredanne at nexb.com
Sat Sep 11 08:29:23 GMT 2004
Just to add some more references on the topic, I had made some research
and have the following links on remote command exec on Windows....
ItaskScheduler, pretty much the same as atsvc
http://ntkernel.com/articles/psexec.shtml describes the inner workings
of (the non open-source) psexec from sysinternals which use a devilish
approach to copy an rpc server to the target via the $ADMIN pipe,
install it temporarily as a service listening on a pipe, then use it to
execute a command remotely, get results via more pipes, then
de-installs the service, then removes the exec....
To the best of my knowledge this are the only other alternatives unless
you use remote scripting or WMI, which are not often there on NT4.
The only issue is that is does requires the $ADMIN to be there.
philippe ombredanne | nexB - Open IT Asset Management
1 650 799 0949 | pombredanne at nexb.com
> -----Original Message-----
> From: jcifs-bounces+pombredanne=nexb.com at lists.samba.org
> [mailto:jcifs-bounces+pombredanne=nexb.com at lists.samba.org]
> On Behalf Of Michael B Allen
> Sent: Friday, September 10, 2004 12:15 PM
> To: Christopher R. Hertel
> Cc: jcifs at lists.samba.org
> Subject: Re: [jcifs] Re: Remote command Execution?
> On Fri, 10 Sep 2004 11:21:24 -0500
> "Christopher R. Hertel" <crh at ubiqx.mn.org> wrote:
> > > to do something similar from Linux, using jarapac
> perhaps? This could be
> > > another way to implement remote command execution by
> installing the
> > > appropriate service.
> > Installing such a service is very dangerous, of course.
> Security alarms
> > are already blaring in my head.
> Well you have to have the appropriate permissions of course.
> Greedo shoots first? Not in my Star Wars.
More information about the jcifs