nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

How to hurt yourself with PSExec

RobertKaucher

How to REALLY hurt yourself with PSEXEC - Deleting the Undeletable Registry Key and More - Scott Hanselman

Nice blog post...

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

the_Grinch

Nice post and a great article, makes we want to learn more about the various Sysinternal tools!

pzero

PSExec is an awesome tool.

There was also a way to bring up a command prompt in XP under SYSTEM context by using the at.exe command.

at [time] /interactive cmd.exe -> Wait up to the time you set and volia. You have a command prompt under system context. Has come in handy for testing scripts and file permissions etc that require SYSTEM.

CodeBlox

I started using this at work. Got tired of remoting in (RDC) just to do a "netdom" or some other command.

jibbajabba

I might be a bit thick here .. but can't you remove phantom adapters also with

set devmgr_show_nonpresent_devices=1
devmgmt.msc

Then display hidden devices ?

meadIT

jibbajabba wrote: »
I might be a bit thick here .. but can't you remove phantom adapters also with
set devmgr_show_nonpresent_devices=1
devmgmt.msc
Then display hidden devices ?

That will remove devices that are no longer connected, but still have drivers installed on the system. If I understand the blog post correctly, these were showing up as active in Device Manager. He would uninstall them through Device Manager, but they would come back as active when rebooted.