neat!
Remote Command Executor
(RemCom - The open source psexec) [http://rce.sourceforge.net]
Terminal Services are expensive in terms of bandwidth. Utilities like GotoMyPC and remote control programs like PC Anywhere let you execute programs on remote systems, but they take time to set up, require that you install client software on the remote systems that you wish to access, and are extremely costly when it comes to running just some administrative commands over a group of systems.
What is RemCom : RemCom is a small (10KB upx packed) remote shell / telnet replacement that lets you execute processes on remote Windows systems, copy files to remote systems, process their output and stream it back. It allows execution of remote shell commands directly with a full interactive console without having to install any client software. On local machines it is also able to impersonate, so it can be used as a silent replacement for the Runas command.
Platform and Language : RemCom is written in C++ and works on NT 4.0, Win2K, Windows XP and Server 2003 including x64 versions of Windows.
Project Inspiration: Mark Russinovich [sysinternals] Psexec.
Background: I started this project to make my own RAT [Remote Administration Tool]. Before this I used the sysinternals pstools for numerous tasks, but my ability to use / extend it was always limited by its licensing and usage terms. That is why I started writing my own version of something similar to psexec, and RemCom was the result.
Some Features :
- RemCom is open source :) (source available here).
- You can run as many remote commands on the machine as you want
- You can execute internal commands (net, netsh, ipconfig) directly : RemCom \\foo-bar-system net start snmp
- You can start a light “telnet” connection with a remote machine without any telnet server : RemCom.exe \\foo-bar-system cmd
- You can also copy any file on the remote machine and receive its output.
- RemCom creates a small (< 1 KB) service on the remote machine (which it extracts from itself at runtime).
- All communication is done via named pipes & RPC.
- The application removes its traces of the connection and the service on successful disconnect (neat huh?).
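The behaviour in this list (a service binary pushed to the target over ADMIN$, a short-lived service, cleanup on disconnect) leaves a recognisable sequence in Windows event logs. The following is an added example, not RemCom's code: it correlates constructed, pre-normalised events (5145 share access, 7045 service installed, 7036 service state change); the field names, host names, file names and the 60-second window are assumptions of the example.

```python
from datetime import datetime, timedelta
from ntpath import basename

WINDOW = timedelta(seconds=60)  # assumed correlation window; tune per environment

# Constructed, pre-normalised events (not real telemetry). Field names are
# assumptions of this example. 5145 = share access check (Security log),
# 7045 = service installed, 7036 = service state change (System log).
EVENTS = [
    {"ts": "2024-05-01T10:00:01", "host": "WS01", "id": 5145, "src": "10.0.0.7",
     "share": r"\\*\ADMIN$", "target": "example_svc.exe", "access": "WriteData"},
    {"ts": "2024-05-01T10:00:03", "host": "WS01", "id": 7045,
     "service": "ExampleSvc", "image_path": r"%SystemRoot%\example_svc.exe"},
    {"ts": "2024-05-01T10:00:40", "host": "WS01", "id": 7036,
     "service": "ExampleSvc", "state": "stopped"},
    # Benign: file written to ADMIN$ but no service install follows.
    {"ts": "2024-05-01T11:00:00", "host": "WS02", "id": 5145, "src": "10.0.0.9",
     "share": r"\\*\ADMIN$", "target": "patch.exe", "access": "WriteData"},
    # Benign: local installer registers a service, no share write first.
    {"ts": "2024-05-01T12:00:00", "host": "WS03", "id": 7045,
     "service": "BackupAgent", "image_path": r"C:\Program Files\Backup\agent.exe"},
]


def _ts(event):
    return datetime.fromisoformat(event["ts"])


def _is_admin_share_exe_write(e):
    return (e["id"] == 5145 and e["share"].upper().endswith("ADMIN$")
            and "WriteData" in e["access"] and e["target"].lower().endswith(".exe"))


def find_remote_service_exec(events, window=WINDOW):
    """Pair an .exe written to ADMIN$ with a service installed from that file."""
    events = sorted(events, key=_ts)
    findings = []
    for w in filter(_is_admin_share_exe_write, events):
        dropped = basename(w["target"]).lower()
        for s in events:
            if s["id"] != 7045 or s["host"] != w["host"]:
                continue
            if not timedelta(0) <= _ts(s) - _ts(w) <= window:
                continue
            if basename(s["image_path"]).lower() != dropped:
                continue
            # A later stop of the same service matches the cleanup behaviour.
            short_lived = any(
                x["id"] == 7036 and x["host"] == s["host"] and x["state"] == "stopped"
                and x["service"] == s["service"] and _ts(x) >= _ts(s) for x in events)
            findings.append({"host": w["host"], "src": w["src"],
                             "service": s["service"], "short_lived": short_lived})
    return findings
```

Real 7045 image paths can carry quotes or arguments, so a production rule would normalise the path before comparing file names.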
RemCom is also used in OCS Inventory NG. See this post.
Future Roadmap:
- A Pretty UserInterface.
- Multi Consoles in a single session.
- A builtin option for fetching files.
Any comments, bugs, wishlists: email to: talha [dot] tariq [at] gmail [dot] com
Source & Download : The most recent version of RemCom is available here.
Disclaimer: This software is provided “AS IS” with no warranties of any kind. The entire risk arising out of the use or performance of the software is with you.
Responses
By: Abdul Basit on August 14, 2006
at 9:59 am
Somehow, I am not able to execute a remote command using this tool, while PsExec works perfectly for the same credentials.
It gives an error like:
Connecting to remote service … Failed
Couldn’t connect to \\remote_machine\ADMIN$
Access is denied.
By: Prashant on August 22, 2006
at 9:19 am
Prashant,
This might be due to a lot of reasons:
On your target machine check if
1. It is not running Windows XP Home, which lacks some of the core network functionality required by RCE.
2. The Workstation service is running
3. The Server service is running
4. The Admin$ share is available. (MOST IMPORTANT). Follow this process to check:
a. net use \\Admincomp\Admin$ /user:Admin
b. dir \\Admincomp\Admin$
5. The Windows Network is running and Printer and File Sharing are activated.
6. Incoming network users authenticate as themselves. (Classical Network Authentication requires a non-empty password)
7. Check your firewall settings. By default most firewalls will block any incoming traffic to 135 & 445.
8. You may be experiencing Network Timeouts / loss of packets.
The above checklist is on the basis of my little experience and the issues reported to me so far. In any case if on some machine with same credentials psexec works, RCE should work too. You can always dig in deep: debug the source and check the reason by “GetLastError” from “rc = WNetAddConnection2( &nr, lpszPassword, lpszUser, FALSE );” from the EstablishConnection function.
Hope this helps,
Cheers
By: Talha on August 22, 2006
at 3:52 pm
Does this work on Windows Vista?
By: Yan on August 31, 2006
at 6:43 pm
Hi Tariq,
I have been looking for such a utility for a long time. I used Net-Telnet to invoke remote programs on Unix boxes. I did use this tool and it’s very handy. You have done a great job!!
I am looking forward to hearing from you.
BTW:- Where are you located?
Cheers,
~Sujit Apte
By: Sujit Apte on September 5, 2006
at 10:55 am
If I use the following command
net use \\Admincomp\Admin$ /user:Admin
I get the following error
SERVER IS not configured for Remote administration.
and for the following command
net use \\localhost\Admin$ /user:Admin
it prompts for a password, which is unable to authenticate.
Is there any doc which explains what the prerequisites are for getting xrce running on your machine? I am trying all the above-mentioned commands on an XP machine and I have cross-verified the services mentioned above.
By: Inder on September 27, 2006
at 10:45 am
Talha,
It’s a wonderful tool; it works fine for me over PsTools (psexec). I have a little problem, please advise me.
C:\>pstools\remcom \\172.20.1.184 /user:administrator /pwd:epoint0fe reg query HKLM\
Software\Microsoft\Windows NT\CurrentVersion /v ProductName
Remote Command Executor
Copyright 2006 The WiseGuyz [ http://talhatariq.wordpress.com ]
Author: Talha Tariq
Initiating Connection to Remote Service . . . Ok
Error: Too many command-line parameters
Remote command returned 1(0x1)
By: Subhash Yadav on January 4, 2007
at 2:15 pm
Hello,
This product is almost identical to another tool called xCMD.exe that was developed some time ago. I use xCMD.exe as well as psexec for various remote installations and one reason I always find myself going back to psexec is because of the -i (interactive) option.
Do you have any plans to include this option possibly in a future release?
Thanks,
Max
By: Max on January 24, 2007
at 1:36 am
Very cool application. Any chance of adding the ability to load a user’s profile like psexec?
‘-e Loads the specified account’s profile’
By: JonnyG on February 2, 2007
at 1:52 pm
I get the following error when I try to use the /c option.
remcom \\192.168.1.124 /c /user:Administrator /pwd:testing c:\temp\test44.txt
Failed
Couldn’t start remote service
This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem.
…
According to the documentation this option only copies the specified file to the remote system. (is it trying to execute it?)
Any help would be greatly appreciated…
Many Thanks
David
By: David C on February 13, 2007
at 7:25 pm
I have tried to fix the above problem myself, with the help of friends who know C++ much better than I do. When we recompile we get the following error… a missing binary file called “ProcComs.bin”.
Does anyone know where this file is… or where to get it?
Any help would be greatly appreciated…
David
By: David C on February 14, 2007
at 7:25 pm
I would like to execute many .bat files that are located on a network drive from remote computers. I need to use 10 remote CPUs but the executables are on a network drive.
remcom \\Pc001 cmd P:/public/share/5566.bat /user:user1 /pwd:rej774
I tried, without success.
Is it possible?
Joe
By: Joe on February 19, 2007
at 6:43 pm
hi,
can your appl. be used on win98-client?
thks.
mickey
By: mickey on May 17, 2007
at 9:53 am
I never tested it, but you are most welcome to.
By: Talha on May 17, 2007
at 10:32 am
Talha,
Very interesting program. Good job.
1) I have also tried the reg query command as Subhash Yadav (see above).
It seems that there is a limit with commands.
Ex :
REMCOM \\W0200968 /user:XXXX /pwd:YYY reg query HKLM\Software\Microsoft works fine, but :
REMCOM \\W0200968 /user:XXXX /pwd:YYY reg query HKLM\Software\Microsoft\Windows NT does not work fine.
Remote Command Executor
Copyright 2006 The WiseGuyz [ http://talhatariq.wordpress.com ]
Author: Talha Tariq [talha.tariq@gmail.com]
Initiating Connection to Remote Service . . . Ok
Erreur : paramètres de ligne de commande non valides
Remote command returned 1(0x1)
2) About the /c command.
REMCOM \\10.153.108.226 /user:XXX /pwd:PPP /c a.txt works fine.
The file a.txt is really downloaded, but we have no access for next commands.
Initiating Connection to Remote Service . . . Ok
We need to press Ctrl+C to stop it.
3) About the /d command.
It seems not to work with the /c command.
How can we copy a file in a desired location, and not at C:\WINDOWS\SYSTEM32?
Thanks for the answer
By: Neven on June 21, 2007
at 12:16 pm
Good job
I got an issue.
Your binary copies my test Perl script to the remote machine’s system32 dir and executes it (here I haven’t specified to copy; it’s fine if it copies).
The issue is when I edited (in fact removed certain things in) the test script and ran it once again: your binary is executing the previous version that it copied and ran.
Please help.
Sid
By: Siddhartha on June 27, 2007
at 3:09 pm
Hello, I think that RemCom is a fantastic tool.
I have a doubt. I am trying to automate a backup with this tool, and I am trying to copy a file to a server with this command:
remcom \\machine “copy eula.txt \\server\files\novale.txt”
The result is
Acceso denegado.
0 archivos copiados.
Remote command returned 1(0x1)
If I execute copy eula.txt \\server\files\novale.txt on the machine the result is OK.
Do you know how I can use copy to send data to another machine?
Best Regards, Julio.
By: Julio Ríos on July 9, 2007
at 7:26 am
Hello, I have seen that the RemCom code is C++, and the code is executable on a Windows machine.
Is it possible that in the future this tool can be used from Linux or another OS different from MS Windows to be able to administer Windows computers?
Best regards, Julio.
By: Julio Ríos on July 9, 2007
at 7:31 am
Hey Buddy!
Your tool is great, I just request one feature from you: a command line argument to specify TIMEOUT, like psexec -n 30. If not, when the program fails to connect within a timeout it hangs in a never-ending loop.
Thanks!
By: Daniel on September 18, 2007
at 1:15 pm
Hi Tariq
I was going to try your tool because of the issues with “psexec” output handling. Like someone else already specified when I login with credentials “/user:username /pwd:password” it says:
Initiating Connection to Remote Service . . . Failed
Couldn’t connect to \\machine-name\ADMIN$
Logon failure: unknown user name or bad password.
Q: Not sure why it says \ADMIN$, I’m logging in as a user.
As I’ve already stated this works with “psexec”: I get through, and I use these credentials every day to log in to the remote machine.
Any help/hint will be appreciated.
Roman
By: Radar on September 27, 2007
at 11:32 pm
This tool looks like the way forward for me, it actually works under .NET and I can capture the stdin/out streams unlike psexec, however (inevitably) I have a problem when I try to hit any network resource:
xcopy /E /S /H /I \\server\share\dir C:\temp
Throws up this:
Invalid drive specification
0 File(s) copied
Also,
net use * \\server\share
yields:
The password is invalid for \\server\share.
Type the password for \\server\share: System error 5 has occurred.
Access is denied.
I’m using my own domain admin account to run remcom using /user /pwd arguments, as the help text explains that network resources will be unavailable if I don’t. Looks like network resources are unavailable anyway… This didn’t happen with psexec, any idea what’s going on?
By: Steve on October 9, 2007
at 10:09 am
Very Good. Any chance in porting it to C# ?
By: wurzel on November 1, 2007
at 6:12 pm
Congratulations!
Very useful tool
By: AlexB on December 7, 2007
at 3:43 am
Hi,
I’m currently working with psexec but having some problems:
Is it possible to hide the execution of an executable run with RemCom?
Does RemCom run on Itanium?
By: Sebastien BEAL on December 10, 2007
at 3:36 pm
Hi Talha Tariq
Please can you explain how to pass command line arguments to install any exe. However
In Psexec Tool
————–
psexec.exe \\hostname -u XXX -p XXX -c -f -i -e E:\win32.exe
In the above, the exe is copied to the system32 folder and “installed”.
How about in RemCom Tool:
————————
RemCom.exe \\10.100.100.100 /user:XX /pwd:XX /c E:\win32.exe
In RemCom the exe is only copied to the system32 folder; how do I trigger the above exe in order to install it on the remote machine? I want to pass extra arguments with the above command. Please advise me on the same.
By: venkiperu on December 11, 2007
at 11:07 am
RemCom DOES execute a file after copying it to the remote machine; if that is not happening it is either a bug or you are not doing it right.
By: Talha on December 11, 2007
at 11:13 am
Talha
Thanks for your reply. I want to manually execute through the runas command then trigger the exe, right?
By: venkiperu on December 11, 2007
at 12:32 pm
remcom.exe is great but it would be helpful if you could login and work as a specific user instead of as the system account
By: Ringster on January 2, 2008
at 3:40 pm
Salam Tariq. That’s great work, I found it very useful in my project. And its /c option has solved my big problem. Without wasting my time I got your working code and implemented it in my project via dll. Thanks again for your contribution. I will release my working copy of my project soon on sourceforge.net
By: Shaikh Sariq M. on January 30, 2008
at 6:56 am
Hi,
Does anyone know how to remotely install an msi package using remcom? My command line is:
remcom \\10.0.0.1 /user:test /pwd:test msiexec /i c:\temp\MBSASetup.msi /qn
MBSASetup.msi is in c:\temp on target machine. The command always hangs. Any idea?
By: Jane on March 10, 2008
at 8:34 pm
In addition to the newer feature of PSexec… duplicating those of BeyondExec (free alternative as well) would be nice.
http://www.beyondlogic.org/solutions/remoteprocess/BeyondExec.htm
By: geepers on March 11, 2008
at 7:40 pm
I believe including NT 4.0 in the platforms supported on this page is incorrect. You only support W2K+ per the source.
“Platform and Language : RemCom is written in C++ and works on NT 4.0, Win2K, Windows XP and Server 2003 including x64 versions of Windows.”
By: geepers on March 11, 2008
at 7:42 pm
Yeah, support for NT 4.0 was deprecated when I added a few API calls like CreateProcessAsUser for impersonation, which Microsoft introduced from Windows 2000. I could not find an API which was available on all platforms. In any case, why are you using NT 4 still?
By: Talha on March 11, 2008
at 9:19 pm
> In any case why are u using NT 4 still ?
Pointing out that you should update the “Platform and Language” section on this webpage to NOT include NT4 does not in any way mean that I “USE” NT4. You’re making a huge jump there.
By: geepers on March 12, 2008
at 6:56 am
hi
Your remcom sounds good for its real purpose. But I used to use psexec as a wrapper to execute commands from other software on the localhost for the nowait feature. With psexec I did not need to enter a login and password.
If I try remcom . “notepad.exe” it returns login failure.
Do I absolutely need to identify myself for a command on localhost?
Thanks anyway
By: charles on March 31, 2008
at 9:00 pm
My PC is XP
When we execute the command remcom.exe we get the following message:
Couldn’t connect to \\fasa-citi\ADMIN$
Access is denied.
We used “net use \\fasa-citi\Admin$ /user:xxxxx”
and get the following message:
System error 5 has occurred.
Access is denied.
Could you help me with this issue?
By: Ernesto Maravi on April 1, 2008
at 4:05 pm
Hi,
This is not a problem of RemCom. The following Knowledge Base articles might be of some help:
http://support.microsoft.com/kb/555644
http://www.chicagotech.net/systemerrors.htm#System%20error%20%205%20-%20Access%20is%20denied
By: Talha on April 21, 2008
at 3:23 pm
I am testing the two executable files, that is Remcom.exe and Rctrlx.exe, so I wanted to know what the difference is, because when I am doing the testing both of these behave in the same way. Can you give more details on this, Talha?
By: Naseer on June 25, 2008
at 8:49 am
I haven’t heard of Rctrlx.exe, can you pass me the link?
By: Talha on June 25, 2008
at 8:51 am
Brother, here is the link
http://www.geocities.com/gtalon51/projects.html
By: Naseer on June 25, 2008
at 9:26 am
Can you please reply to my query?
By: Naseer on June 26, 2008
at 5:32 am
Still waiting for your reply………
By: Naseer on June 27, 2008
at 8:53 am
You can use any one of them according to your wish and needs. I can only answer technical or functional details of Remcom. If you don’t want to go deep into the code then use any one as long as they work.
By: Talha on June 28, 2008
at 5:59 am
1. Can we execute commands that take into a subshell e.g. telnet or invoking cmd.exe etc and then invoking commands within the sub-shell? And how do we do that using this RemCom?
2. Does this remcom support the hop scenario of command execution, e.g. you telnet to system A, from where you telnet to a system B, and continue this chaining to finally execute a command like, say, “dir”? And how do we do that using this RemCom?
By: Naseer on July 2, 2008
at 5:45 am
Hi — any way to pass a username that includes spaces, like: domain/joe smith
I’ve tried the following, and none seemed to work:
/user:”domain/joe smith”
/user:domain/joe\ smith
“/user:domain/joe smith”
Also, are there any problems if passwords contain characters like @ or . (dot)?
By: Darryl on July 14, 2008
at 4:30 am










