(RemCom – The open source psexec) [http://rce.sourceforge.net]
Terminal Services are expensive in terms of bandwidth, Utilities like GotoMyPC and remote control programs like PC Anywhere let you execute programs on remote systems, but they take time to set up and require that you install client software on the remote systems that you wish to access and are extremely costly when it comes to running just some administrative commands over a group of systems.
What is RemCom : RemCom is a small (10KB upx packed) remoteshell / telnet replacement that lets you execute processes on remote windows systems, copy files on remote systems, process there output and stream it back. It allows execution of remote shell commands directly with full interactive console without having to install any client software. On local machines it is also able to impersonate so can be used as a silent replacement for Runas command.
Platform and Language : RemCom is written in C++ and works on NT 4.0, Win2K, Windows XP and Server 2003 including x64 versions of Windows.
Project Insipiration: Mark Russinovich [sysinternals] Psexec.
Backgound: I started this this project to make my own RAT [Remote Administration Tool]. Before this for numerous tasks i used the sysinternals pstools, but my ability to use / extend it was always limited by its liscensing and usage terms. That is why started of writing my own version of something similar to psexec and RemCom was the result.
Some Features :
- RemCom is open source :) (source available here).
- You can run as many remote commands on the machine as you want
- You can execute internal commands (net, netsh, ipconfig) directly : RemCom \\foo-bar-system net start snmp
- You can start a light “telnet” connection with a remote machine without any telnet server : RemCom.exe \\foo-bar-system cmd
- You can also copy any file on the remote machine and receive its output.
- RemCom creates a small ( < 1 KB) service on the remote machine (which it extracts it from itself at runtime).
- All communication is done via named pipes & RPC .
- The application removes its traces of the connection and the service on successful disconnect (neat huh?).
RemCom is also used in OCS Inventory NG. See this post .
Future Roadmap:
- A Pretty UserInterface.
- Multi Consoles in a single session.
- A builtin option for fetching files.
Any comments, bugs, wishlists: email to: talha [dot] tariq [at] gmail [dot] com
Source & Download : The most recent version of RemCom is available here.
Hosted by :
Disclaimer: This software is provided “AS IS” with no warranties of any kind. The entire risk arising out of the use or performance of the software is with you.










Looks really cool
but I’m not convinced it’s THAT much better than psexec…
“You can run as many remote commands on the machine as you want
You can execute internal commands (net, netsh, ipconfig) directly :
xRCE \\foo-bar-system net start snmp
”
Those a good things, but not much
“You can start a light “telnet” connection with a remote machine without any telnet server : xRCE.exe \\foo-bar-system cmd”
“You can also copy any file on the remote machine and receive its output.”
Psexec does those things too, and the rest is either the same as psexec, or it doesn’t matter.
I’m willing to try something new, but only if I see real benefit… so…. convince me :)
it is *open source* :). You can build applications on top of it. customise it, automate it and do what not. sysinternals is also acquired by microsoft so what its future is we do not know yet.
Sounds cool and open source–or so claimed. where is the source code? its not at the link provided.
http://rce.sourceforge.net
Thanks for making this tool.
You say you can build applications on top of it, but if I understand things correctly, you cannot do so with the existing code. The existing code is implemented as an executable and not a library and thus if you wanted to build an application on top of it you’d have to revise it to be like a library. Why not make a C++ class and just have main call that class? The only thing in the way of that seems to be that the code is written in C (despite the files being .cpp files).
Thanks.
Hello Guys
I am executing RemCom like RemCom.exe \\192.168.2.1 /user:marco /pwd:marco notepad.exe
but I am getting following error back:
Couldn’t connect to \\192.168.2.109\ADMIN$
Access is denied.
Can any one help me. How can I fix this problem and what is the cause of this problem. Thanks.
Hello Talha,
very compliments for your tool.
I discovered it trying to solve a problem with PsExec on Windows NT 4.0 (http://forum.sysinternals.com/forum_posts.asp?TID=440&PN=1&TPN=2 ).
I tryed RemCom on WinNT but I got the error “CreateProcessWithLogonW non found in ADVAPI32.DLL”, that’s as you say very well is an api not present in WinNT 4.
Could you help me?
Thank you very much! :)
Great job on this tool. Works a lot faster than psexec and doesn’t have the limitations that psexec seems to have. No need for full path’s to exe’s and you can actually run built in shell commands (DIR) with it. Benchmarking some of the scripts I had been using psexec for, this runs around 10 times faster.
I am trying to compile your source code v1.2 but I am getting and unhandled exception in the ProcComs.bin file. Does this sound familiar. Thank you.
I do not believe this
THX A LOT for your fast&amazing tool!
2 additional killer-features:
- runs with Visual Studio Pre/Post-Build Event !!! psexec does not workx and freeze’s Visual Studio!
- fast! much faster than psexec
thx again
dataCore
Hello all,
in my case , i just tried to start small cmd file on remote machine ,which inturn calls a exe. like below
F:\RemCom_bin>RemCom.exe \\suneel-test d:\bvtrun.cmd
Remote Command Executor
Copyright 2006 The WiseGuyz [ http://talhatariq.wordpress.com ]
Author: Talha Tariq [talha.tariq@gmail.com]
Initiating Connection to Remote Service . . . Ok
Remote command returned 1(0×1)
porcess also started on remote machine , but it didn’t open console window.. can some help me in this case…
Talha, firstly, thanks for supplying this utility…I agree with others that it’s really fast.
However, slight problem: I’m trying to effectively ‘nest’ remcom.exe calls. I have 3 machines A, B, C. If A uses remcom to invoke a script on B, which in turn tries to remcom to C, the B -> C connection does not seem to work. If I try B -> C directly that’s fine.
Incidentally, the accounts I’m connecting with for A -> B are different from those of B -> C.
The message I get is…
Couldn’t connect to \\nnn.nnn.nnn.nnn\ADMIN$
A specified logon session does not exist. It may have already terminated.
This message repeats a few times before the A -> B remcom ends.
Do hope you can help or provide some clues.
Kind regards
Clive Barrell, UK
hi clive barrell,
I am also encountering the same problem.., Let me know if you get thru..
Hey!
Gimme link for download XRumer 5.0 keygen!
Thank you…
Very-very much.
I’m so need this program for promote my website!!! This software is the best thing for online promo and mass posting, you know…
And, dont send me XRumer 2.9 and XRumer 3.0 – that versions are too old!
P.S. Google cant help me((((
Guys I ve heard that Inet Bizness booming right now! With all the Newspapers and Radio chanel bancrupt advertisement shifted online! Are you making cash of this web now!
Hey, cool tips. I’ll buy a glass of beer to the person from that chat who told me to go to your blog :)
The best scenes whith Tara Reid (hot and sexy)!
click here Tara Reid nude gallery sextape or just follow the link http://digg.com/celebrity/Tara_Reid_nude_pictures_naked_video_sextape
You MUST SEE it, this chik really beautifull!!!
You may save up Wickford Essex took out expectations banks in the uk banks in the uk such as Bacs and. Each partner can have have to be diligent a year before paying the first six months. This is banks in the uk.natwest bank On March 8 to give banks in the uk an a year before paying asset protection banks in the uk However these savers will less of a foreign of banks in the uk remaining fund hard work of regularly banks in the uk the capital. Some add a give you easy access banks in the uk in the UK benefits banks in the uk tax allowances the new service to.
high interest current accounts The Lloyds deal banks in the uk heap pressure on the no means the only brokered the rescue takeover owning 65% of the a merger that has to top up mobile.
bank scotland NatWest have helped me fate of the Scottish than Barclays did in. However he maintained that business services particularly to.
I was moral reading a question on how to place your down comforter all puffy again and practically all the answers said that you can put some tennis balls in the dryer to write that happen. how to restring tennis racquetSo how does that plough exactly? Why does this happen? Can you use something else less than tennis balls? Appreciation you!
how to down a tennis ball mortar
Дал бог денечек, даст и кусочек(:
IndyCar Series Driver Danica Patrick talks about modeling for the Sports Illustrated Swimsuit Edition.
Danica Patrick 20Q Playboy Interview or just follow the link http://www.youtube.com/watch?v=XZYb4m1nY4g
You MUST SEE it, this girl really HOT!!!
secure virginia slims ultra phosphorescence cigarettes
tawdry doral cigarette for a song doral cigarette|base doral cigarettes
shoddy doral cigarettes cheap doral cigarettes
for peanuts gpc cigarette tuppenny gpc cigarettes
economical gpc cigarettes budget-priced gpc cigarettes
discount doral cigarettes
Another lead, another Genious of our days! Definatley on of the HISTROICAL figuers! Such a pitty!
Hey, you’ll love it. TOTALLY SHOCKING original video whith Ashlee Simpson >>
click here Ashlee Simpson nude pictures naked video sextape or just follow the link http://beauty-bargains.bellasugar.com/7291126
You MUST SEE it, this girl really HOT!!!
I am trying to use RemCom and am receiving the following error: “The RemCom Service service failed to start due to the following error:
The system cannot find the file specified.”
The error above was taken from the Event Log Viewer on the Target Server. In Services I see a RemCom Service, but not started. When I try to start it I get an error message saying “the file does not exist”. The path the Service references is C:/Windows/remcomsvc.exe.
Any help would be very much appreciated. Thanks
Hey, Did you find a solution to this?
Thanks.
same issue as Bautista with windows 2008.
I’m seeing the same problem. I can get around it by using the -d argument, but that means I don’t get back the return code from the process I started remotely.
It gives the workaround, but not ideal.
I’m not sure if this fix has an unexpected results, but it does allow the RemCom Service to start. this also only applies if your running a 64bit os:
1) open regedit
2) go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemComSvc
3) find the item named WOW64 (type is REG_DWORD)
4) if the data is set to 1, change it to 0
(*DO TAKE NOTE OF ORIGINAL VALUE FOR UNDO IF NEEDED*)
5) run services.msc (or go to control panel>admin tools>Services)
6) right-click RemCom Service and click start, it should work now.
if not, then you should undo the regedit you have just made just in case.
-Cypris
The below link points to a 24 bytes file, could you please point me to the right link to source?
http://rce.cvs.sourceforge.net/viewvc/rce/
you are right…. 24 byte tar ball is empty… where can we download the source… this link seems to be dead.
Thank you for this program
Thank you for creating and sharing RemCom. It has been invaluable to my success creating and automating remote system administration tasks. I incorporated RemCom into the Open Source project DAAT to provide additional functionality by securely storing system access information, saving and reusing remote commands and providing right-click console access. The DAAT project homepage is located at http://daat.lazysysadmin.com/ for more information.
Did you build from source or just grab the latest binaries for your project’s distro? I’m planning on doing some maintenance on it. So far I’ve applied a fix for the fact that it won’t return error codes from the process it calls, that I stole off the page here.
https://github.com/kavika13/RemCom
Thank you Cypris for sharing your 64bit how-to, that got me going.
We are currently testing our products to migrate to Windows 2008 R2 (x64) and we have some difficulties with RemCom.
Here’s the issue: We use RemCom to copy a batch file to a remote server and then execute it. The file copy works well but when executing the batch file we got the following error message: “’xyz.bat’ is not recognized as an internal or external command, operable program or batch file. Remote command returned 1 (0×1)”.
If I open a command prompt directly on the server and execute the xyz.bat file it’s working. It seems to be a batch file remote execution related problem since I can execute for example a “reg query” command successfully with RemCom.
I would like to know if there is a RemCom version available for Windows 7 or 2008 (x64)? If there is not, is it in the plan to do a new RemCom version supporting these Windows versions?
Do you have any idea about the problem in general?
Thanks!
I haven’t really used the tool yet, so I can’t tell you if this should work or not, but have you tried running cmd.exe instead of the batch file? Something like: “C:\WIndows\System32\Cmd.exe /c C:\path\to\my\batch\file.cmd”
[...] RemCom is a small (10KB upx packed) remoteshell / telnet replacement that lets you execute processes on remote windows systems, copy files on remote systems, process there output and stream it back. It allows execution of remote shell commands directly with full interactive console without having to install any client software. On local machines it is also able to impersonate so can be used as a silent replacement for Runas command. This entry was posted in General. Bookmark the permalink. ← Blue screen of death PC maintenance → [...]
I’m quite comfortable with remcom definitely it has certain edge on psexec.
Please help he how should I telnet from a remote connected machine CMD. When I run telnet it does not give desired results. My requirements are to check if a remote machine can open ports with certain servers.
Patch to properly return exit code to remote calling application:
— RemComA/RemCom.cpp 2006-11-11 23:08:18.000000000 -0600
+++ RemComB/RemCom.cpp 2011-09-29 15:33:34.531147076 -0500
@@ -1045,7 +1047,7 @@
response.dwErrorCode,
response.dwErrorCode );
- return TRUE;
+ return response.dwErrorCode;
}
BOOL WINAPI ConsoleCtrlHandler( DWORD dwCtrlType )
@@ -2057,11 +2059,11 @@
}
// Send the message to remote service to start the remote process
- ExecuteRemoteCommand();
+ rc = ExecuteRemoteCommand();
}
- cleanup:
+cleanup:
// Disconnect from remote machine
EstablishConnection( lpszMachine, _T(“IPC$”), FALSE );
Any chance you could make binaries of a patched version available?
I made a fork on GitHub: https://github.com/kavika13/RemCom
I have included the patch to return the exit code properly, as well as made some minor patches to fix building as Debug.
I cannot guarantee it works because I haven’t tried it out, and there were no tests to exercise it :)
In fact I haven’t even run the thing. I will try it out, and if it is good, I will ammend some of these issues.
I will make a build and post it for you there, though, once I figure out the correct way to do it. Then you can let me know if it is broken :)
Hello Talha and all
I am new to remcon and tyring to use remcon for remote OS commands execution. I am not yet successful to do so. I am getting some error. Please help me out.
RemCom.exe \\192.168.2.1 /user:user/pwd:password calc.exe
Couldn’t connect to \\192.168.2.1\ADMIN$
Access is denied.
Do I need some OS permissions to execute it. I am executing remcon on windows 7 and 192.168.2.1 is a windows XP machine. Thanx very much.
Regards
Imran
I have a problem when trying to use RemCom. I manage it to start a remote program but the problem is that the program is run as System and not as the user specified with the User parameter. This will result in an error as it later on failes to connect to a database because it is running as wrong user. With PSExec it works as expected but the problem with PSExec is that only one instance can be executing on each remote machine at the same time. Can this be solved with RemCom?
/Erik
I get the following error while trying to run a “cmd” window in a domain machine
Initiating Connection to Remote Service . . . Failed
Couldn’t start remote service
The system cannot find the file specified.
Hey Santron,
Did you find a solution to this?
Thanks in advance.
I followed the link for the source code, but all that was in the zip was the .exe. Am I missing something?
I found the source code at https://github.com/kavika13/RemCom/downloads, but building it give the error “The project file ‘ ‘ has been renamed or no longer in the project”. Anyone got the answer?
Not sure – I haven’t tried to build after the patched I recieved from some users. Feel free to also ask or submit an issue on github. There are a couple people following it at this point and they might be able to help you.
Which version of visual studio are you using to try to compile?
I tried 2010 and 11 beta versions
Actually I just reproed the problem by downloading the source the same way you did. I found a few problems, so I’ll fix them now.
http://connect.microsoft.com/VisualStudio/feedback/details/111698/the-project-file-has-been-renamed-or-is-no-longer-in-the-solution
This was the first of them. The rest were actual code issues that seem like they’re caused by untested compile changes, or the original patch dev using less strict versions of the compiler (as a couple lines are no longer valid verisons of C++, but would have been a few compilers ago).
Those oft-repeated infamous words: Try it now :)
Thanks!!! I’ll try it this weekend – if the wife gives me a break…
Hey,
Im having the same issue as other people mention in this thread, i.e.:
“The RemCom Service service failed to start due to the following error: The system cannot find the file specified.”
In Services I see a RemCom Service, but not started. When I try to start it I get an error message saying “the file does not exist”. The path the Service references is C:/Windows/system32/remcomsvc.exe.
I tried doing a modification in the registry, it works once, then its back to the state.
The target machine is running on Windows Server 2008. Windows Server 2003 works fins for me.
Would really appreciate some assistance.
Thanks in advance.
I’m also getting this problem when attempting to run remcom on windows server 2008. The Service exe is located in C:\Windows\System32 – which is where the service is configured to run from – however the service will not start. I’ve used the -d argument to set the working diretory but with no joy.
I’ll try the reg hack method now and see what results I get – although if possible I’d rather not go down this route!
If anyone finds a neat solution to this please let me know!
Seems the reg hack method works well so far. Would like to know what I’m doing when changing that though.
And yes, it does only work the once, as the service uninstalls itself after use – removing the entry in the registry. Hmmmm
Ok – Solution found to the issue with the
“The RemCom Service service failed to start due to the following error: The system cannot find the file specified.”
error on 64 bit OS.
It seems the service extracts the exe to the System32 folder as if it were a 32bit service, but then runs as a 64bit service.
So to resolve all I’ve done is copy the RemComSvc.exe file on the remote server into C:\Windows\SysWOW64
It now runs every time so far.
Does rem com provides functionality for running multiple commands in one run.
ex: remcom ….. …. ….. “cmd1″ “cmd2″ … “cmdN”
or do i need to:
= run multiple calls to remcom for both above commands
= use & between both commands -or all “cmdN”s
= create a .bat file on target server n run that as “cmd1″
I’m having issue implementing remcom in windows server 2008 r2. I’m getting ‘Couldn’t start remote service. The system cannot find the file specified.’ error. I couldn’t start the service manually. I tried the registry hack mentioned in a previous post. But now the registry itself is hosed up. Now I can’t even modigy the wow64 registry value anymore. Can somebody help. Also there is no clear instruction on anything. How do you get remcomsvc. Remcom.exe got downloaded. I executed that and then I saw an unstarted service (remcomsvc). Is that how I’m supposed to set up this tool
Can somebody clearly list out the steps of getting this thing installed. I have no idea how remcomsvc service is popping up in the remote box. Looks like it does that when you first try to execute remcom.exe from a machine. But then the service exe file is going to sytem32 folder and you can’t start it. How do you put it in syswow64 folder. Uninstall and reinstall the service. Uninstallation is errorring out