RE: Psexec on *NIX

[Scott Taylor <security () 303underground com>]

Are you saying that you want to run psexec to talk to windows boxes, but
from a machine running a real operating system? If thats the case, have
you tried running psexec under wine? Or in vmware? At least that way you
could close down the wormbait when you're not using it.

Or are you asking if by some chance the unix systems were as lax about
security as windows is? Not by default but you could probably make them
that way.


Good thing I wasn't in the middle of drinking anything when I saw this
example on the psexec page:

This command copies the program virus.exe to the remote system and
executes it interactively: 

    psexec \\marklap -c virus.exe

Ok, their original example didnt call it virus.exe or worm.exe, but they
might as well have.


On Thu, 2004-05-06 at 14:19, Chris Carlson wrote:
> I need a utility that behaves exactly like psexec, and for the second
> time, yes, I know exactly what psexec does.  
>
> I need to be able to execute commands on remote windows systems without
> doing anything to them beforehand.  All suggestions thus far have
> required additional software to be installed on these systems but I
> don't want to leave anything on these systems or have to touch them in
> any way.  I know it is possible to remotely install any solution and
> then use it, but it doesn't make sense to do so.  Why would I install
> and run an ssh daemon just to use it to run another program, then delete
> the ssh daemon?  Why would I do that with anything?  It just doesn't
> make sense.
>
> I don't want central mangement. I don't want web applications.  I want
> to be able to walk into a network with my laptop that I've never before
> seen, and execute any program on any windows system of my choice.
> (That I've got access to, of course).  Going physically to the computer
> to install something takes more time and energy than what is needed; so
> does using RDP or VNC to do the same.
>
> Say I'm sitting on a picnic bench tapped into my corporate wireless
> network in Florida from my laptop and for some strange reason I need the
> MAC address of a desktop in Ohio.  In windows, it only takes a 'psexec
> \\ohio ipconfig /all'.  I don't need to use a remote desktop client, I
> don't need to start the telnet server service on the system, and I don't
> need to log into a router to check its arp tables.  I simply execute a
> command on the remote system.  
>
> I need this for unix.  
>
> Any more questions?
>
> - Chris
>
> -----Original Message-----
> From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] 
> Sent: Thursday, May 06, 2004 15:50
> To: Chris Carlson
> Cc: full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] Psexec on *NIX 
>
> On Thu, 06 May 2004 14:54:55 EDT, Chris Carlson <chris () compucounts com>
> said:
>
> > service, then removes it.  I also know that the r services are an 
> > option, as is ssh, but these are not what I want.
>
> Can you quantify *why* those aren't what you want?  From what you
> originally said, rsh or ssh should be a good solution.  If they aren't,
> we need to know why they aren't in order to propose other solutions....
>
> > If it doesn't exist, then it doesn't exist.  In that case, I'll go
> make
> > one.   I'm just trying to save myself some time here.
>
> Re-inventing the wheel almost never saves time....
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
--
Scott Taylor - <security () 303underground com> 

Barach's Rule:
        An alcoholic is a person who drinks more than his own physician.

    

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html