mirror of
https://github.com/ivuorinen/cheatsheet-tldr.git
synced 2026-01-26 11:33:59 +00:00
39 lines
1.2 KiB
Python
39 lines
1.2 KiB
Python
---
|
|
syntax: markdown
|
|
tags: [tldr, common]
|
|
source: https://github.com/tldr-pages/tldr.git
|
|
---
|
|
# psexec.py
|
|
|
|
> Execute commands on a remote Windows machine using `RemComSvc`, providing PsExec-like functionality.
|
|
> Part of the Impacket suite.
|
|
> More information: <https://github.com/fortra/impacket>.
|
|
|
|
- Spawn an interactive shell on a remote target:
|
|
|
|
`psexec.py {{domain}}/{{username}}:{{password}}@{{target}}`
|
|
|
|
- Execute a specific command on a remote target:
|
|
|
|
`psexec.py {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
|
|
|
|
- Copy the filename for later execution, arguments are passed in the command:
|
|
|
|
`psexec.py -c {{filename}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
|
|
|
|
- Execute a command from a specific path on a remote target:
|
|
|
|
`psexec.py -path {{path}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
|
|
|
|
- Authenticate using pass-the-hash authentication instead of a password:
|
|
|
|
`psexec.py -hashes {{LM_Hash}}:{{NT_Hash}} {{domain}}/{{username}}@{{target}}`
|
|
|
|
- Use Kerberos authentication for the target:
|
|
|
|
`psexec.py -k -no-pass {{domain}}/{{username}}@{{target}}`
|
|
|
|
- Specify the IP address of the domain controller:
|
|
|
|
`psexec.py -dc-ip {{domain_controller_ip}} {{domain}}/{{username}}:{{password}}@{{target}}`
|