lilith/tldr
1
0
Fork 0
mirror of https://github.com/tldr-pages/tldr.git synced 2025-07-18 19:55:25 +02:00
Code Activity
tldr/pages/common/psexec.py.md
Machiavelli 8cd726d95f
psexec.py, impacket-psexec: add page (#17094)
2025-07-09 06:04:19 +03:00

1.1 KiB
Raw Blame History

psexec.py

Execute commands on a remote Windows machine using RemComSvc, providing PsExec-like functionality. Part of the Impacket suite. More information: https://github.com/fortra/impacket.

  • Spawn an interactive shell on a remote target:

psexec.py {{domain}}/{{username}}:{{password}}@{{target}}

  • Execute a specific command on a remote target:

psexec.py {{domain}}/{{username}}:{{password}}@{{target}} {{command}}

  • Copy the filename for later execution, arguments are passed in the command:

psexec.py -c {{filename}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}

  • Execute a command from a specific path on a remote target:

psexec.py -path {{path}} {{domain}}/{{username}}:{{password}}@{{target}} {{command}}

  • Authenticate using pass-the-hash authentication instead of a password:

psexec.py -hashes {{LM_Hash}}:{{NT_Hash}} {{domain}}/{{username}}@{{target}}

  • Use Kerberos authentication for the target:

psexec.py -k -no-pass {{domain}}/{{username}}@{{target}}

  • Specify the IP address of the domain controller:

psexec.py -dc-ip {{domain_controller_ip}} {{domain}}/{{username}}:{{password}}@{{target}}