Metasploit mailing list archives

Connect to a remote Windows host with valid credentials (no exploit)


From: talha.tariq at gmail.com (Talha)
Date: Fri, 1 Jun 2007 18:33:16 +0500

I wrote this a couple of years ago. It happens to be an open source psexec.

http://rce.sourceforge.net/
http://sourceforge.net/projects/rce/

The concept is simple. You connect to admin$ or IPC$ on the remote
machine. Push a simple executable service which communicates with the
system locally and streams the output of the processes executed to the
remote machine.

The code is not very clean (since it also contains some pieces of code
written by others), not all switches are implemented, and it uses some
ugly tricks for User Impersonation on different Windows Machines (due
to poor and broken Microsoft APIs) but in the end it works and has
been used by a lot of other sf projects as well :)

--Talha


On 6/1/07, H D Moore <hdm at metasploit.com> wrote:
It's possible, in the same way that psexec works, but has not been
implemented yet. Soon! :)

-HD

On Friday 01 June 2007 03:22, Nicolas FR wrote:
So basically my question is... is it possible ?
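
The service-push approach described in this thread leaves a recognizable trail on the target host. The following is an added detection example, not part of the thread or of the rce project: it correlates a file access over ADMIN$ (Security event 5145) with a service install (System event 7045) for the same binary on the same host. Assumptions: detailed file share auditing is enabled, events are flattened to dicts, and all sample events and the function names are constructed for illustration.

```python
import ntpath
from datetime import datetime, timedelta

# Constructed sample events (not from the thread). Field names follow Windows
# Security 5145 (share file access) and System 7045 (service installed).
EVENTS = [
    {"time": "2024-01-10T09:15:02", "host": "WS01", "id": 5145,
     "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "example_svc.exe",
     "IpAddress": "10.0.0.5"},
    {"time": "2024-01-10T09:15:04", "host": "WS01", "id": 7045,
     "ServiceName": "ExampleSvc", "ImagePath": r"%SystemRoot%\example_svc.exe"},
    # Service installed with no preceding ADMIN$ access: not flagged.
    {"time": "2024-01-10T11:00:00", "host": "WS02", "id": 7045,
     "ServiceName": "Updater", "ImagePath": r"C:\Program Files\Upd\upd.exe"},
    # Same file name over ADMIN$, but on a different host: not flagged.
    {"time": "2024-01-10T10:59:50", "host": "WS03", "id": 5145,
     "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "upd.exe",
     "IpAddress": "10.0.0.9"},
]

def _binary_name(path):
    """Lower-cased file name of a Windows path; quotes and arguments dropped.
    Simplification: assumes the file name itself contains no spaces."""
    parts = ntpath.basename(path.replace('"', "")).split()
    return parts[0].lower() if parts else ""

def find_remote_service_installs(events, window=timedelta(seconds=60)):
    """Return (host, service, binary, source_ip) for each service install whose
    binary was accessed over ADMIN$ on the same host within `window` before it.
    AccessMask is not inspected here, so reads and writes are treated alike."""
    accesses, alerts = [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        if ev["id"] == 5145 and ev["ShareName"].upper().endswith("ADMIN$"):
            accesses.append((when, ev["host"],
                             _binary_name(ev["RelativeTargetName"]), ev["IpAddress"]))
        elif ev["id"] == 7045:
            binary = _binary_name(ev["ImagePath"])
            for a_time, a_host, a_file, a_ip in accesses:
                if a_host == ev["host"] and a_file == binary and when - a_time <= window:
                    alerts.append((ev["host"], ev["ServiceName"], binary, a_ip))
                    break
    return alerts

if __name__ == "__main__":
    for alert in find_remote_service_installs(EVENTS):
        print("remote service install:", alert)
```

Legitimate remote administration tools produce the same pair of events, so the source address and service name in each alert need to be checked against known management hosts.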



