Following the path we were on former posts , if we have seed with psexec, noe it’s very easy to make new tools. Three examples:

winshell.sh
With this tool we get a shell in windows servers. It doesn’t use psexec because it haven’t, cmd.exe is in system path.

#!/bin/bash

[ $# -ne 1 ] && echo "Error, I need one argument" && echo "Use: $0 server" && exit 1
PROGPATH=echo $0 | /bin/sed -e 's,[\/][^\/][^\/]*$,,'
. $PROGPATH/winvars.sh

winexe //$1 "cmd" $PSCREDENTIALS


wininfo.sh
With this tool we can get some server information. Physical RAM, SO version, uptime, number of processos, frequency of them, and video card driver. This last detail doesn’t seems important at all, but it’s very useful, because it can tell you wether if a server is physical or virtual. If video driver is something like “ATI Technologies Inc. 3D RAGE IIC PCI”, then it’s a physical machine. If video driver is something like”VMware SVGA II”, then it’s a virtual machine.

#!/bin/bash

[ $# -ne 1 ] && echo "Error, I need one and only one argument" && exit 1
PROGPATH=echo $0 | /bin/sed -e 's,[\/][^\/][^\/]*$,,'
$PROGPATH/winpsexec.sh $1 pstools\psinfo


winkill.sh
As its name clearly stands, it’s a process killing tool (we can previously know the PID useing winps.sh).

#!/bin/bash

[ $# -ne 2 ] && echo "Error, I need two arguments" && echo "Use: $0 server pid" && exit 1
PROGPATH=echo $0 | /bin/sed -e 's,[\/][^\/][^\/]*$,,'
$PROGPATH/winpsexec.sh $1 "pstools\pskill $2"