Download Winexe-static

Rufo Catulle

Jan 9, 2024, 11:47:17 AM
to sipadsingven
To run Windows cmd from a Linux box, there is one tool you could use, which is winexe. You can download the installer from here. There are 2 ways to install this tool:

1. Use the preinstalled version.
   Download from here
   Unpack the bz2 file:
   # bunzip2 winexe-static-081123.bz2
   Change mode to allow execute:
   # chmod +x winexe-static-081123
   Make a soft link in your /usr/local/bin (the link target must be an absolute path):
   # ln -s "$PWD/winexe-static-081123" /usr/local/bin/winexe

2. Compile from source
   Install necessary packages (gcc, svn, *-devel....)
   Get sources from here
   Unpack the source file:
   # tar -xvjf winexe-source-081123.tar.bz2
   Compile according to README file:
   cd to unpacked tar.bz2 sources
   ./autogen.sh
   ./configure
   make proto bin/winexe
   Compiled file will be located in wmi/Samba/source/bin/winexe
   Install winexe:
   install -s wmi/Samba/source/bin/winexe /usr/local/bin/winexe

To use it is very simple:
# winexe -U foo -W WORKGROUP -n FOO-PC //10.0.0.61 "cmd.exe"
where -U for username, -W for workgroup, -n for target machine netbios name, 10.0.0.61 is the ip address of the target machine and cmd.exe is to start windows command prompt.

Once connected, you will get command prompt like below:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS\system32>
To quit, just type exit at the windows command prompt.
That's all :)
Example:
winexe --user= --password= // 'cmd /C set'

winexe remotely executes commands on WindowsNT/2000/XP/2003 systems from GNU/Linux (probably also other Unices capable of compiling Samba4).

Contents: Requirements, Usage, How does it work, How to get it, Remarks, Changelog

Requirements

Linux/Unix side:
- Working network
- Samba is NOT necessary

Windows side:
- Working network
- Standard Windows installation with enabled remote sharing and administration (Windows XP Home does not support remote administration). What does it mean exactly:
  - Enabled services: Workstation, Server
  - "Windows Network" is running and "Printer and File Sharing" are activated
  - Enabled "Remote IPC" and "Remote Admin" shares. To verify it, in cmd box run command "net share", and check if there are ADMIN$ and IPC$ shares. In Windows XP to enable it you should turn off "Simple sharing" in "Control Panel\Folder Options\View\Use simple file sharing".
- Account with administrative privileges and a non-empty password
- Firewall rules allowing traffic between both machines

Usage

winexe started without arguments shows a list of options; using "--help" will show their descriptions.

Most of the tasks can be done using the syntax:

winexe -U [Domain/]User%Password //host command

Where 'host' can be given as IP number or DNS hostname and 'command' is a command which will be run on the remote system.

Examples:

# winexe -U HOME/Administrator%Pass123 //192.168.0.10 "ipconfig /all"
# winexe -U HOME/Administrator%Pass123 //host 'cmd /C dir C:\'
# winexe -U HOME/Administrator%Pass123 //host.com 'cmd /C net stop wuauserv && net start wuauserv && echo AutoUpdates service restarted'
# cat <<EOF | winexe -U HOME/Administrator%Pass123 //host cmd
> net start wuauserv
> echo AutoUpdates service restarted
> exit
> EOF

Many options of winexe are the same as for Samba tools and you can check for their description in the Samba documentation.

Below is a description of the most important options:

winexe specific

host
    Windows hostname provided as IP address or DNS name.
    Using NETBIOS names should also be possible after playing with Samba specific options.

command
    Command which will be run on the remote system. If the command contains spaces and/or parameters use quotes and/or double quotes, ex. '"long name.exe" -option -"option with spaces"'; if you like to run an internal cmd interpreter command use "cmd /C" syntax, ex. "cmd /C ver". If the command interacts with the desktop GUI check option --interactive.

--uninstall
    Uninstall winexesvc service after remote execution

--reinstall
    Reinstall winexesvc service before remote execution

--system
    Run command using SYSTEM account

--runas=[DOMAIN/]USERNAME%PASSWORD
    Run command as user (BEWARE: password is sent in cleartext over net)

--interactive=0|1
    Desktop interaction: 0 - disallow, 1 - allow. If you allow, use also the --system switch (Win requirement). Windows Vista does not support this option.

--ostype=0|1|2
    OS type: 0 - 32bit, 1 - 64bit, 2 - winexe will decide. Determines which version (32bit/64bit) of service will be installed.

General

-U [DOMAIN/]USERNAME[%PASSWORD]
    User with admin privileges for Windows authentication. If not overridden by other options 'command' will be run on this account. If you omit the password you will be prompted.

-d DEBUGLEVEL
    Set debug level, 0 - no debug (default), 11 - highest level (it is safe to use bigger numbers)

Exit code: winexe returns the exit code of the remote process.

How does it work

1. winexe connects to the IPC$ share of host.
2. Next it tries to open the winexesvc control named pipe (to make things easier the pipe is called "ahexe" :)).
3. If there is no such pipe, winexe copies winexesvc.exe to the ADMIN$ share, creates the winexesvc service, starts it and tries to connect to the control pipe again.
4. After a successful connection it passes optional parameters (ex. --runas, --system) and the command itself to the winexesvc process via the pipe.
5. winexesvc creates two pipes: ahexec_stdio%08X, and ahexec_stderr%08X (where %08X is replaced by a unique number) and runs the command with I/O redirected to those pipes.
6. winexe redirects those pipes to the Linux console.
7. After the command exits winexe returns its exit code to the system.

How to get it

winexe sources are hosted on Zenoss together with the DCOM/WMI client for Linux.
You can get sources from here: winexe-source-081123.tar.bz2

How to get it:

Precompiled version (linked statically)

1. Download winexe-static-081123.bz2
2. Unpack: bunzip2 winexe-static-081123.bz2
3. Change permissions if necessary: chmod a+x winexe
4. Use it

FYI: During static linking I have received the following warnings:

bin/static/libldb.a(ldb_modules.o): In function `ldb_try_load_dso':
ldb_modules.c:(.text+0x4c5): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libauth.a(auth_unix.o): In function `talloc_getpwnam':
auth_unix.c:(.text+0x3f6): warning: Using 'getpwnam' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libheimdal_krb5.a(get_default_principal.o): In function `_krb5_get_default_principal_local':
get_default_principal.c:(.text+0x132): warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libheimdal_krb5.a(addr_families.o): In function `krb5_parse_address':
addr_families.c:(.text+0x1780): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libsamba-socket.a(socket_ipv6.o): In function `ipv6_tcp_get_peer_name':
socket_ipv6.c:(.text+0xa12): warning: Using 'gethostbyaddr' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libsamba-util.a(system.o): In function `sys_gethostbyname':
system.c:(.text+0x19): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libsamba-socket.a(socket_ipv6.o): In function `interpret_addr6':
socket_ipv6.c:(.text+0x76): warning: Using 'gethostbyname2' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
bin/static/libheimdal_krb5.a(get_port.o): In function `krb5_getportbyname':
get_port.c:(.text+0x20): warning: Using 'getservbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

GLIBC version used for linking: 2.9

WARNING: Users report that the static version often crashes on systems with a different GLIBC version. You can check the GLIBC version using the command: ldd --version

Compile from sources

1. Install necessary packages (gcc, svn, *-devel....)
2. Get sources from winexe-source-081123.tar.bz2.
3. Compile samba according to README file:
   cd to unpacked tar.bz2 sources
   ./autogen.sh
   ./configure
   make proto bin/winexe
4. Compiled file will be located in wmi/Samba/source/bin/winexe
5. Install winexe:
   install -s wmi/Samba/source/bin/winexe /usr/local/bin/winexe

I have not tested those instructions step by step, but I hope the idea is clear.

Remarks

winexe is very quiet; if you want to have some (not too much) debug info run with the -d 1 parameter.

wmi/Samba/source/winexe/winexesvc can be compiled by a crosscompiler or in Windows using Cygwin or Mingw32.

If you compile the service under win, after a successful make copy winexesvc_exe.c into the wmi/Samba/source/winexe/winexesvc/ directory.

You can also use the 'precompiled' version of winexesvc_exe.c, which is included in svn; you can 'touch' it to fool the compiler if necessary.

Changelog

0.90 - 22/11/08
    Added 64bit version of winexesvc, and option --ostype=0|1|2.
    Where os type can be (0 - 32bit, 1 - 64bit, 2 - winexe will decide).
0.80 - 26/10/07
    Added --interactive option.
    winexesvc is replaced only if version differs on more than last digit.
0.77 - 11/10/07
    Fixed bug causing winexe crash during service uninstallation.
0.76 - 10/10/07
    Service status is checked during service (un)installation.
    Corrected service installation code (case of deleted winexesvc.exe file).
0.75 - 09/07/07
    Added workaround for delayed pipe handle destruction (error 0x000000E7).
    Removed token handle leaks in case of error condition.
0.74 - 04/07/07
    Added version checking and automatic service reinstallation
    Pipe names now depend on ProcessID (should solve issue with unterminated winexe processes)
0.73 - 29/06/07
    Corrected bug in signal handling
0.72 - 26/06/07
    Added winexe INT/TERM signal handling
0.71 - 22/05/07
    Workarounds for win2003sp2 service (re)installation issues
    Removed token handle leaks in winexesvc
0.7 - 25/07/06
    Making code more pretty.
    By default commands run on user's account.
    Added --system - commands run on system account.
    Added --runas - any user can be impersonated (BEWARE: passwords are sent in clear text).
    Many changes in winexesvc.
0.61 - 07/07/06
    Fixed bug in svcctl.idl
    Changed types of 'dependencies' and 'password' params in CreateServiceW.
0.6 - 07/07/06
    svcctl.idl cosmetics
    Linux code style applied, semi automatic.
    Removed // style comments.
    Changed includes to
0.5 - 06/07/06
    Cleaned up winexe/service code.
    Changed deps in winexe/config.mk.
    Renamed directory service to winexesvc.
    STDIN read corrected.
    async_write serialized - now server should receive input in correct order.
0.4 - 02/07/06
    Added dependencies in winexe/config.mk to auto rebuild service.
    Turned off timeouts - process does not disconnect after 60sec.
    Added some debug messages.
    Removed small leaks in winexesvc.
0.3 - 02/07/06
    winexe is fully integrated with smb_build system.
    Now there is no need to separately compile winexe/service.
    I have also removed symlink to winexesvc_exe.c, should be cleaner.
0.2 - 02/07/06
    Now it works with NT - all pipes are created with security descriptor allowing admins to open it.
    Added options --reinstall/--uninstall.
    Added error messages, cleaned debug messages (-d 1).
    Some code cleaning.
    Added 'precompiled' winexe/service/winexesvc_exe.c, for users without crosscompiler or windows compile environment.
0.1 - 01/07/06
    In winexe dir added link to winexe/service/winexesvc_exe.c, I am not sure if patch utility supports it.
0.0 - 30/06/06
    Initial release

Donations

You can support development of winexe by making donations via PayPal or Moneybookers.
My e-mail: andrzej.hajda at wp.pl
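The "How does it work" steps in the post leave recognisable traces on the Windows host: a named pipe opened over IPC$, winexesvc.exe written to ADMIN$, and a winexesvc service being created. The following is an added example, not part of the original post or of winexe itself, that matches those traces in Windows events 5145 (detailed file share access) and 7045 (service installed); the event dictionaries, host names and source addresses are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Artefact names taken from the post: control pipe "ahexe" (the I/O pipes use
# the "ahexec_" prefix, so both spellings are accepted), service winexesvc.
PIPE_RE = re.compile(r"^ahexec?(_(stdio|stderr)[0-9A-F]{8})?$", re.IGNORECASE)
SERVICE = "winexesvc"
BINARY = "winexesvc.exe"

# Constructed sample events (not real logs). Field names follow event 5145
# (ShareName, RelativeTargetName, IpAddress) and 7045 (ServiceName, ImagePath).
SAMPLE_EVENTS = [
    {"host": "FOO-PC", "id": 5145, "ShareName": r"\\*\IPC$", "RelativeTargetName": "ahexe", "IpAddress": "10.0.0.5"},
    {"host": "FOO-PC", "id": 5145, "ShareName": r"\\*\ADMIN$", "RelativeTargetName": "winexesvc.exe", "IpAddress": "10.0.0.5"},
    {"host": "FOO-PC", "id": 7045, "ServiceName": "winexesvc", "ImagePath": "winexesvc.exe"},
    {"host": "FOO-PC", "id": 5145, "ShareName": r"\\*\IPC$", "RelativeTargetName": "ahexec_stdio0000012C", "IpAddress": "10.0.0.5"},
    {"host": "FILE01", "id": 5145, "ShareName": r"\\*\IPC$", "RelativeTargetName": "srvsvc", "IpAddress": "10.0.0.7"},
    {"host": "WEB02", "id": 5145, "ShareName": r"\\*\IPC$", "RelativeTargetName": "ahexec_stderr00000A10", "IpAddress": "10.0.0.5"},
]

def classify(event):
    """Return the winexe stage an event matches, or None."""
    share = event.get("ShareName", "").upper()
    target = event.get("RelativeTargetName", "")
    if event["id"] == 5145 and share.endswith("IPC$") and PIPE_RE.match(target):
        return "pipe"
    if event["id"] == 5145 and share.endswith("ADMIN$") and target.lower().endswith(BINARY):
        return "binary_copy"
    if event["id"] == 7045 and event.get("ServiceName", "").lower() == SERVICE:
        return "service_install"
    return None

def detect(events):
    """Group matched stages per host and say whether the service was deployed
    in this window or an already installed service was reused (pipe only)."""
    stages = defaultdict(set)
    for ev in events:
        stage = classify(ev)
        if stage:
            stages[ev["host"]].add(stage)
    report = {}
    for host, seen in stages.items():
        deployed = seen & {"binary_copy", "service_install"}
        verdict = "service_deployed" if deployed else "existing_service_used"
        report[host] = (verdict, sorted(seen))
    return report

if __name__ == "__main__":
    for host, (verdict, seen) in detect(SAMPLE_EVENTS).items():
        print(host, verdict, seen)
```

A pipe-only match means the service was left installed by an earlier run, which is the default unless --uninstall was used.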