Summary: PSTools is available from Microsoft. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems.
- Download PsTools/PsExec from Microsoft.
- Extract to a folder.
- Open cmd prompt and change to that folder with the psexec executable.
- Run psexec -accepteula -i -s \\computername -u username cmd
-i runs it interactively, and -s runs it as the SYSTEM user account. These are not needed, so you can use them if you want. This gives you a command prompt on your system that is running on their system, just as if you were at their system running Command Prompt, but they can't see anything.
From here, you can do things like:
- DNS testing (ping -a, nslookup, etc.)
- Network testing (telnet to port 52230 to check kbox connectivity, etc.)
- See what processes are running (tasklist)
- See what services are running (sc query state= all | findstr "DISPLAY_NAME STATE"). To check whether a single service is stopped, use SC query messenger | FIND "STATE" | FIND "STOPPED". You can also run just sc query, but it gives you a lot more information.
- Kill processes (taskkill /IM kboxclient.exe, kinstallersetup.exe, etc.)
- Start/stop services (net start kboxsmmp, net stop kboxsmmp)
- Run silent installs of programs (kinstallersetup.exe -server=kbox -display_mode=silent)
- Map a drive (net use x: \\servername\sharename)
These can all be useful tools when you have to troubleshoot a remote system while the end user is using it.
This command launches an interactive command prompt on \\marklap:
psexec \\marklap cmd
This command executes IpConfig on the remote system with the /all switch, and displays the resulting output locally:
psexec \\marklap ipconfig /all
This command copies the program test.exe to the remote system and executes it interactively:
psexec \\marklap -c test.exe
Specify the full path to a program that is already installed on a remote system if it's not on the system's path:
psexec \\marklap c:\bin\test.exe
Run Regedit interactively in the System account to view the contents of the SAM and SECURITY keys:
psexec -i -d -s c:\windows\regedit.exe
To run Internet Explorer with limited-user privileges, use this command:
psexec -l -d "c:\program files\internet explorer\iexplore.exe"
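When these command lines show up in shell history or process-creation logs, the switches above decide how much review an invocation deserves (-s for SYSTEM, -u for another account, -c for a copied binary). The Python sketch below is an added example, not part of the original article or of PsTools; the function names `parse_psexec` and `review_notes` are hypothetical, and the sample lines are constructed from the commands on this page.

```python
import re

# Switches used on this page; -u takes a value, -i an optional session number.
FLAGS = {"-accepteula", "-s", "-c", "-d", "-l", "-i"}

def parse_psexec(cmdline):
    """Split one PsExec command line into target, switches, program and args."""
    tokens = re.findall(r'"[^"]*"|\S+', cmdline)
    out = {"target": None, "switches": {}, "program": None, "args": []}
    i = 1  # tokens[0] is psexec itself
    while i < len(tokens):
        tok, nxt = tokens[i], tokens[i + 1] if i + 1 < len(tokens) else None
        low = tok.lower()
        if low == "-u":
            out["switches"][low] = nxt
            i += 2
        elif low in FLAGS:
            takes_session = low == "-i" and nxt is not None and nxt.isdigit()
            out["switches"][low] = nxt if takes_session else True
            i += 2 if takes_session else 1
        elif tok.startswith("\\\\") and out["target"] is None:
            out["target"] = tok[2:]
            i += 1
        else:
            # First token that is neither switch nor target is the program.
            out["program"] = tok.strip('"')
            out["args"] = tokens[i + 1:]
            break
    return out

def review_notes(cmdline):
    """Return the properties of an invocation that an auditor would check."""
    p = parse_psexec(cmdline)
    sw, notes = p["switches"], []
    if p["target"]:
        notes.append("remote:" + p["target"])
    if "-s" in sw:
        notes.append("runs-as-SYSTEM")
    if "-u" in sw:
        notes.append("alternate-user:%s" % sw["-u"])
    if "-c" in sw:
        notes.append("copies-local-binary")
    return notes

# Constructed sample input, built from the command lines shown on this page.
SAMPLES = [r"psexec -accepteula -i -s \\computername -u username cmd",
           r"psexec \\marklap -c test.exe"]
if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", review_notes(line))
```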