Problems using psexec

[Reinartz Ralf AII.Pforzheim <Ralf.Reinartz () aiinformatics com>]

Hello all,

I played a little bit with the smb-psexec.
System:
Linux Kernel 2.6.31
Suse 11.2
Nmap 5.10BETA2

On some Machines it works as expected, on others with similar configuration (w2k3 sp2) it fails.
The credentials are ok, files seems to be uploaded but the service manager does not work. With same credential 
"winexec" work.
Windows firewall is turned off

Is it nessassary to enable any specific Service on Windows site?

It's a Bug or works as designed ans the are restriction in Systemconfiguration on windows site?

Thx

ralf

NSE: Script scanning xxx.xxx.xxx.xxx
NSE: Starting runlevel 1 scan
Initiating NSE at 16:41
NSE: NSE Script Threads (1) running:
NSE: Starting smb-psexec against xxx.xxx.xxx.xxx.
NSE: smb-psexec: Attempting to find file: examples.lua
NSE: smb-psexec: Attempting to load config file: ./examples.lua
NSE: smb-psexec: Using share chosen by the user: C$ (c:)
NSE: SMB: Added account '' to account list
NSE: SMB: Added account 'guest' to account list
NSE: SMB: Added account 'administrator' to account list
NSE: smb-psexec: Generated static service name: 1372bdf4
NSE: smb-psexec: Generated static service name: 1372bdf4
NSE: smb-psexec: Generated static service filename: b283c84c.out.tmp
NSE: smb-psexec: Generated static output filename: e57b281d.out
NSE: smb-psexec: Verifying uploadable executables exist
NSE: smb-psexec: Looking for uploadable module: fgdump.exe or fgdump.exe.exe
NSE: smb-psexec: Attempting to find file: fgdump.exe
NSE: Couldn't find uploadable module fgdump.exe, disabling
NSE: You can try getting it from: http://www.foofus.net/fizzgig/fgdump/
NSE: smb-psexec: Timeout waiting for a response is 15 seconds
NSE: smb-psexec: Replacing variables in the modules' fields
NSE: smb-psexec: Entering cleanup() -- errors here can generally be ignored
NSE: Stopping service: 1372bdf4
NSE: smb-psexec: [cleanup] Couldn't stop service: NT_STATUS_SERVICE_DOES_NOT_EXIST (svcctl.openservicew)
NSE: Deleting service: 1372bdf4
NSE: smb-psexec: [cleanup] Couldn't delete service: NT_STATUS_SERVICE_DOES_NOT_EXIST (svcctl.openservicew)
NSE: SMB: Couldn't delete C$\e57b1d5d.txt: NT_STATUS_OBJECT_NAME_NOT_FOUND
NSE: SMB: Couldn't delete C$\e57b281d.out: NT_STATUS_OBJECT_NAME_NOT_FOUND
NSE: SMB: Couldn't delete C$\b283c84c.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND
NSE: smb-psexec: Leaving cleanup()
NSE: smb-psexec: Uploading: nselib/data/psexec/nmap_service.exe => \\C$\e57b1d5d.txt
NSE: smb-psexec: Service file successfully uploaded!
NSE: smb-psexec: Attempting to upload the modules
NSE: smb-psexec: Modules successfully uploaded!
NSE: Creating service: 1372bdf4 (c:\e57b1d5d.txt)
NSE: Starting service: 1372bdf4
NSE: Opening the remote service manager
NSE: smb-psexec: Couldn't start the service: NT_STATUS_WERR_ACCESS_DENIED (svcctl.startservicew)
NSE: smb-psexec: Entering cleanup() -- errors here can generally be ignored
NSE: Stopping service: 1372bdf4
NSE: smb-psexec: [cleanup] Couldn't stop service: NT_STATUS_SERVICE_NOT_ACTIVE (svcctl.controlservice)
NSE: Deleting service: 1372bdf4
NSE: SMB: Couldn't delete C$\e57b281d.out: NT_STATUS_OBJECT_NAME_NOT_FOUND
NSE: SMB: Couldn't delete C$\b283c84c.out.tmp: NT_STATUS_OBJECT_NAME_NOT_FOUND
NSE: smb-psexec: Leaving cleanup()
NSE: Finished smb-psexec against 10.236.5.11.
Completed NSE at 16:41, 0.37s elapsed
NSE: Script Scanning completed.



applied international informatics GmbH
Sitz der Gesellschaft: Berlin; Registergericht: Berlin-Charlottenburg HRB 77891B
Geschaeftsfuehrung: Josef Duermoser, Michael Bihn

Wichtiger Hinweis: Diese E-Mail und etwaige Anlagen koennen Betriebs- oder Geschaeftsgeheimnisse oder sonstige 
vertrauliche Informationen enthalten. Sollten Sie diese E-Mail irrtuemlich erhalten haben, ist Ihnen der Status dieser 
E-Mail bekannt. Bitte benachrichtigen Sie uns in diesem Fall sofort durch Antwort-Mail und loeschen Sie diese E-Mail 
nebst etwaigen Anlagen von Ihrem System. Ebenso duerfen Sie diese E-Mail oder ihre Anlagen nicht kopieren oder an 
Dritte weitergeben. Vielen Dank!

Important Note: This e-mail and any attachment are confidential and may contain trade secrets or otherwise protected 
from disclosure. If you have received it in error, you are on notice of its status. Please notify us immediately by 
reply e-mail and then delete this e-mail and any attachment from your system. If you are not the intended recipient 
please understand that you must not copy this e-mail or any attachment or disclose the contents to any other person. 
Thank you!
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/