Psexec.exe: A Powerful tool for IT Admins
Vložit
- čas přidán 3. 07. 2024
- Psexec.exe is a powerful command-line local and remote shell that can offer powerful solutions facing IT admins running an enterprise network. It is a remote shell that works with most CLI programs and utilities, PowerShell, can be executed in a batch file or PS1 file. Allows applications and utilities to be executed under the SYSTEM account. Does not require installation and removes all processes, threads, and functions upon termination both locally and on the remote host. Psexec allows you to control what session the program/utility runs. Learn a tool that you will find so many uses for in your work environment.
Please consider becoming a channel member:
• you get an early viewing of all our video content
• access to the complete series of videos for each subject
• links to video notes and PowerPoint slide deck both in MS-Word and PDF format
• Our eBook and resources folder
• Join our channel membership, it’s $2.99/month); see the “Join” button on our channel homepage. / @techsavvyproductions
"Everybody can be great... because anybody can serve. You don't have to have a college degree to serve. You don't have to make your subject and verb agree to serve. You only need a heart full of grace. A soul generated by love." Martin Luther King Jr.
Check out our CZcams channel for more content!
CZcams: / vanderl2796
Check out our Website: www.techsavvyproductions.com
Follow us on Twitter: @_TechSavvyTeam
Like us on Facebook: / tech-savvy-productions...
Mr.V Linkedin: / lowell-vanderpool-5797...
Links to Documentation
PowerPoints in *.pptx format:
docs.google.com/presentation/...
Slide Deck in PDF:
drive.google.com/file/d/1cOgQ...
Video Notes in *.docx:
docs.google.com/document/d/1s...
Video Notes in PDF:
drive.google.com/file/d/16XDJ...
Email: mrvanderpool@techsavvyproductions.com
More TechSavvyProductions Videos that you might enjoy:
We translate subtitles on our videos into the following languages: عربى, българскиB, 简体中文), 中國傳統的), Nederlands, Suomalainen, Pilipino, français, Deutsche, हिंदी , Magyar, bahasa Indonesia, 日本語, 한국어, norsk, Polskie, português, Română, русский, Española, Kiswahili, Svenska, and Tiếng Việt
#techsavvyproductions #vanderl2796 #LowellVanderpool
1. Introduction to building SMB Firewall rules using open-source security appliances.
• Open-Source Pfsense Fi...
2. Solving Electrical Problems in your Data Network
• Electrical Mysteries U...
3. What is Software Defined Networking: SDN?
• SDN 101: A Comprehensi...
4. What is a ToR network switch?
• ToR Switch Demystified...
5. Removing the Mystery of Hyper-V Checkpoints
• Removing the Mystery o...
6. Day 1: Troubleshooting Windows Applications. What is a process and What are threads?
• Mastering Windows Appl...
7. Day 2: Troubleshooting Windows Applications. Types of Applications and Processes.
• Troubleshooting Essent...
8. TPM 2.0 Trusted Platform Module Introduction
• TPM 2.0 Unveiled: Empo...
9. Advanced Troubleshooting for Frozen/Lockup Computers/Servers and Applications
• Resolving Windows Appl...
10. Windows Docker Containers: Explained
• Unlocking the Power of... - Věda a technologie
Been watching your videos for years. Thank you for going in depth with this tool as I use it but now have a better understanding of it and learned so many new things it can do. I Appreciate all the great content 👌
Thank you for watching!
One of the best tutorials I have seen on CZcams. Thank you!
Thanks for the comment!
One of my new favorite lessons on this channel. Thank you for this video.
Awesome, I enjoyed doing the video. Always glad to hear a good feedback.
Love it!! I love how you leave the errors… and explain how you corrected them…
Thank you.
Thanks for watching!
Essa foi uma das aulas mais úteis que já assistí aqui, parabéns pelo seu conteúdo.
Obrigado por seus comentários e por acompanhar o canal!
Fantastic. Just found your channel. Subbed!
Welcome aboard!
thank you making such curical topic video, your videos are useful for us who is working as sysadmin.
It's my pleasure
Thanks a lot, brilliantly explained. Very educative.
Glad it was helpful!
Thanks a lot MR.V
Thanks for watching!
I never hear about that channel! awesome!
Thanks for watching.
Great tool I like it plus your presentation is super straight forward. Thanks
Thanks for watching!
Hats off. Great content great editing
Thank you for investing time in creating this video.. bless you 🙌 🙌
Thanks for watching!
Great Tutorial, Thank you.
Thanks for watching!
Much thanks for beautiful explanation
Thanks for the comment.
Great video, this is very weaponizable!!!
Keep in mind if basic security is compromised all tools can be weaponized. It is a fantastic tool for admins as is PowerShell.
THANK YOU SO MUCH!
You're welcome!
nice discovery! new sub indeed! TY!
Welcome!!!
My favorite Channel 💪💪💪💪
Thanks for watching!!!
Desde Perú, excelente guía.
From Peru, useful guide!!
¡Gracias por el comentario y por mirar!
This is very useful lesson on brilliant tool. Thank you sir.
Thanks for watching!!
Excellent. Glad I subscribed
Awesome, thank you!
Excellent. Thank you.
Thanks for watching!
Excellent tutorial.. Thanks !
Thanks for watching!
Was a sysadmin for years before I became familiar with PSExec.exe and boy it is such a game changer. Everyone in IT should be familiar with how to use it. Be careful however, always remember the more powerful the tool, the more respect you need to give it. Think carefully before you hit that big enter key.
LOL You are so right!
Sir you are awesome! 🙏🙏🙏🙏👏
Thanks for watching!
Thanks for your information Sir 👍
Thanks for watching!
You, sir, are amazing
Thanks for watching!
The biblical verses is just icing on the cake Mr. V 🍻. All your content is superb.
Glad you enjoy it!
Thankyou Sir for your effort
It's my pleasure
Thanks for filling us in on how hackers do things :-)
Mike just keep your admin credentials secure and I promise they will not use them.
Thanks, so amazing 👌🏻
Thanks for watching!
LV is the man!
Thank you for watching!
There is one tool called batchpatch which uses this same psexec service and help to install everything in network.
TX for depth knowledge sirjee.
Thanks for sharing!
Nice video, TNX.
Glad you liked it!
Splendid stuff sir, really splendid!
Glad you enjoyed it
@@TechsavvyProductions I've been in IT since the 90's. So many people fail to grasp how for many people the help file just showing switches doesn't actually translate into use. The smart folks will just 'get it' but many ordinary folk are left head scratching. In this video, you covered usage, but went quite deep into the actual examples of usage.
If I could change one thing over the last 30 years, I'd have got people making the man pages and the destructions, and their /help and their command outlines have the switches, but also show some example usage lines of the switches.
This is what you did here. You created a tour de force video on PSEXEC.
Thank you :)
What you just shared is very true. Developers cut their teeth on command-line principles and early in their career get a good dose of syntax, but the IT professional is dropped off at the pool and left to swim or die. Syntax varies by who writes the code and often leaves everyone pulling hair. The video is addressing people like you and I who often need help in really understanding how it works and how to use parameters correctly. Thanks for the comment.
Mark Russinovich recommended your video 😉
Malcolm, thanks but he doesn't know I exist. : )
AMAZING VIDEO !
Thanks for watching John!
Nice video very informative
Glad you liked it
great tutorial thank you so much. one question do we need to do a configuration on the remote computer in order to work? like installing psexec or something else. in addition to probably have the print sharing port enable
Thanks for the comment!
SSH! been doing this for years on linux; unix; macOS.
When it comes to remote command line you are spot on!
спасибо, было познавательно
Спасибо за просмотр!
Great delivery but I've got no use for the flash bang intro stuff. Content was impressive.
Thanks for the comment and honest feedback!
Beautiful video and insight of psexec thank you
Does the concept of the sessions apply also to Linux/Unix systems? Do they have 3 session total too in the same way?
Thank you
Great question: I am not as sure of the GUI architecture in Linux as I am in Windows. I will look and see if anyone does a comparison.
it isnt necessarily 3 sessions, esch user who logs in will have another session created for them.
for example: session 0 is created on boot and when the normal user logs in, session 1 is created for thet user. when someone connects with RDC, session 2 is created for it. lets say a second user logs into the computer (e.g. a family member), they would get session 3
and so on…
So for example with the VLC install if you did not specify a silent install would you have seen the VLC installer appear on your local machine where you scroll through the licence agreement and hit next several times to install it on the remote machine? Or is that type of remote install only capable over a GUI like remote desktop, teamviewer etc?
Ross, this a console tool so no GUI that is why we want a silent install. If you using RDC or Teamviewer then you are thinking correctly but then must select the proper "session" if you want to interact with the install. Great questions!
@@TechsavvyProductions so what would have happened if you didn't select "silent" and just ran the installer while still being within the "session 0" mode? Would the user have seen a GUI installer pop up & would you would have been presented with installation options like agreeing to the EULA, choosing the installation directory etc via your shell prompt?
Keep in mind Session 0 is where protected processes and services are run and the logged on user can not interact with them. You must select a session that the user can view {logged on with keyboard Session 1} {RDC or virtual machine Session 2}
hello there great video very interesting theme . I wonder if we must use always Admnistrator system user or we can work with a local admin account too.????
Luis, yes you can use local admin also.
@@TechsavvyProductions i tried but it didn't work for me . I have error you need to enable admin$ share on this computer
How do you get the system information on your desktop?
systeminfo.exe is a great CLI tool that will pull system information back to your workstation via psexec.exe docs.microsoft.com/en-us/windows-server/administration/windows-commands/systeminfo
Hey somehow I have a weird error: When running 'psexec \\IP-Address -siu Administrator cmd' I get the cmd on my machine, but when I want the cmd to pop up on the remote machine, I run the same command you did in the video so 'psexec \\IP-Address -s -i 2 -u Administrator cmd' i get 'access denied - psexec could not start cmd on 'IP-Address'' do you have an idea what this is about and how to solve this?
Make sure your Administrator account is not disabled
why would you use Psexec rather than Powershell?
AFAIK powershell is more secured and uses really well windows API (powershell was created by microsoft). Its also native in all kind of windows.
And if you want to connect to a remote machine (Enter-PSsesion can do it) and Invoke-command can run scripts to many systems parallely
I just want to understand why psexec?
Efrain, you are correct PowerShell is the tool for Enterprise! The video was simply explaining how to use it and how it works. It still can be a useful tool for many. Cheers!
Psexec pode ser usado em rede sem domínio, apenas rede doméstica?
Ele suporta contas de administrador local
IS there any workaround to getting PSEXEC to be able to speak with workstations that have had their Admin$ share disabled? I'm hitting in impasse with this at work.
It is rare to find Enterprises disabling Admin$, no it is a requirement for PSEXEC.
Thanks for confirming. And great video!
nevermind i just checked we only need port 445 running , thanks
Thanks for watching!
What about internet route?
Thanks for watching!
how to bind DLL with psexec
not sure exactly what you mean by "bind DLL" but generally what you can do locally can be done remotely with psexec if console based.
Or just use an remote terminal? Not sure of the advantage of this.
William, you are correct there are many tools for remote administration, psexec.exe is just one more in your tool box. Thanks for watching!
It is also great in spreading Ransomware
Any admin tool can be dangerous in the wrong hands.
@@TechsavvyProductions especially Microsoft admin tools
This tool will loose its power fast in serious IT as the whole remote part and how it works is more seen as a security problem than a usefull tool. So the way it connects to remote machines is blocked in business environments more and more. For me it is a little bit of a guess if i can use this at customer sites or not. Most of the time the bigger the customer the less chance that it still works.
Leon thanks for the comments!
nice tool can be more helpful
Yes, thanks
Tn
Thanks for watching!
PsExec - это облегченная замена Telnet, так что автор ролика ламер.
Спасибо за честный отзыв
Oh c“mon. Arrive in 21st century and use Remote PowerShell. The first thing you do, when dealing with it security, is to get ridd of psexec - fast!
Great comment, Remote PowerShell is awesome and is the go to automation CLI for admins. Psexec.exe is just another great tool and once understood can really be a quick solution to many problems. Psexec.exe though is not a security risk, without compromised credentials it is useless. Thanks for taking the time to comment.
Windows should have useful tools built-in and not require people to download them. It's dumb
Good point, there are a ton of tools built in but Mark shares in this video done recently why he opted to keep this group of tools outside the Windows build cadence. czcams.com/video/tR22u6H8E5w/video.html
Can you play more annoying music in your introduction video? Because it really puts me off
Craig thanks for feedback!
lets be honest, 99% of ppl just play around with psexec instead of actually using it for administration.
on my school pc i accidentally elevated my privileges to NT AUTHORITY\SYSTEM and i had created a fake error with VBS.
so i ran psexec64.exe \\* -i -s -d C:\users\1849245\desktop\error.vbs (that command executed my fake error on every school computer in the school)
the teacher ended up calling IT 💀
If you decide to work in IT admin you will find it very handy to do useful work!
yeah. this is an essential tool in the IT business, but also there are ppl who want to have fun with it as well.
it just depends on what type of person you are and what sort of job you have. you have to be careful with the tool tho because if it falls into the wrong hands, (e.g. a hacker) that could be a serious issue