How to hurt yourself with PSExec

RobertKaucherRobertKaucher Member Posts: 4,298

Comments

  • the_Grinchthe_Grinch Member Posts: 4,164 ■■■■■■■■■■
    Nice post and a great article, makes we want to learn more about the various Sysinternal tools!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • pzeropzero Member Posts: 192
    PSExec is an awesome tool.

    There was also a way to bring up a command prompt in XP under SYSTEM context by using the at.exe command.

    at [time] /interactive cmd.exe -> Wait up to the time you set and volia. You have a command prompt under system context. Has come in handy for testing scripts and file permissions etc that require SYSTEM.
  • CodeBloxCodeBlox Member Posts: 1,363 ■■■■□□□□□□
    I started using this at work. Got tired of remoting in (RDC) just to do a "netdom" or some other command.
    Currently reading: Network Warrior, Unix Network Programming by Richard Stevens
  • jibbajabbajibbajabba Member Posts: 4,317 ■■■■■■■■□□
    I might be a bit thick here .. but can't you remove phantom adapters also with
    set devmgr_show_nonpresent_devices=1
    devmgmt.msc
    

    Then display hidden devices ?
    My own knowledge base made public: http://open902.com :p
  • meadITmeadIT Member Posts: 581 ■■■■□□□□□□
    jibbajabba wrote: »
    I might be a bit thick here .. but can't you remove phantom adapters also with
    set devmgr_show_nonpresent_devices=1
    devmgmt.msc
    

    Then display hidden devices ?

    That will remove devices that are no longer connected, but still have drivers installed on the system. If I understand the blog post correctly, these were showing up as active in Device Manager. He would uninstall them through Device Manager, but they would come back as active when rebooted.
    CERTS: VCDX #110 / VCAP-DCA #500 (v5 & 4) / VCAP-DCD #10(v5 & 4) / VCP 5 & 4 / EMCISA / MCSE 2003 / MCTS: Vista / CCNA / CCENT / Security+ / Network+ / Project+ / CIW Database Design Specialist, Professional, Associate
Sign In or Register to comment.