psexec.py, impacket-psexec: add page (#17094)

2025-09-10 15:13:52 +02:00 · 2025-07-09 06:04:19 +03:00 · 2025-07-09 06:04:19 +03:00 · 8cd726d95f
commit 8cd726d95f
parent fbdea13371
2 changed files with 40 additions and 0 deletions
--- a/pages/common/impacket-psexec.md
+++ b/pages/common/impacket-psexec.md
@ -0,0 +1,7 @@
+# impacket-psexec
+
+> This command is an alias of `psexec.py`.
+
+- View documentation for the original command:
+
+`tldr psexec.py`
--- a/pages/common/psexec.py.md
+++ b/pages/common/psexec.py.md
@ -0,0 +1,33 @@
+# psexec.py
+
+> Execute commands on a remote Windows machine using `RemComSvc`, providing PsExec-like functionality.
+> Part of the Impacket suite.
+> More information: <https://github.com/fortra/impacket>.
+
+- Spawn an interactive shell on a remote target:
+
+`psexec.py {{domain}}/{{username}}:{{password}}@{{target}}`
+
+- Execute a specific command on a remote target:
+
+`psexec.py {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
+
+- Copy the filename for later execution, arguments are passed in the command:
+
+`psexec.py -c {{filename}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
+
+- Execute a command from a specific path on a remote target:
+
+`psexec.py -path {{path}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}`
+
+- Authenticate using pass-the-hash authentication instead of a password:
+
+`psexec.py -hashes {{LM_Hash}}:{{NT_Hash}} {{domain}}/{{username}}@{{target}}`
+
+- Use Kerberos authentication for the target:
+
+`psexec.py -k -no-pass {{domain}}/{{username}}@{{target}}`
+
+- Specify the IP address of the domain controller:
+
+`psexec.py -dc-ip {{domain_controller_ip}} {{domain}}/{{username}}:{{password}}@{{target}}`