[원도우] Sysinternals 제품군(PsTools)

Sysinternals 제품군(PsTools)

 

Download PsTools Suite

- https://technet.microsoft.com/en-us/sysinternals/bb896649.aspx

 

1. 원격 컴퓨터에 시스템 기본 공유인 IPC$, ADMIN$ 둘다 있어야 한다.

net share

 

2. 내장 Administrator 계정이 아닌 Administrators 그룹의 계정을 사용하려면 원격 컴퓨터에 UAC가 꺼져 있어야 한다.

UAC 확실히 끄는 방법

REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /s | FIND "EnableLUA"

C:\>REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /s | FIND "EnableLUA"
    EnableLUA    REG_DWORD    0x1

REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f

C:\>REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 0 /f
작업을 완료했습니다.

REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /s | FIND "EnableLUA"

C:\>REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /s | FIND "EnableLUA"
    EnableLUA    REG_DWORD    0x0

3. TCP 445 포트를 사용하므로 원격 컴퓨터에 윈도우 방화벽 TCP 445 포트가 오픈되어 있어야 한다.

netstat -an | findstr 445

C:\>netstat -an | findstr 445
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING

라우팅 테이블 추가

psexec \\192.168.56.103 -u Administrator -p password1234 cmd /c "route add -p 10.1.1.0 mask 255.255.255.0 192.168.56.1"

C:\>psexec \\192.168.56.103 -u Administrator -p password1234 cmd /c "route add -p 10.1.1.0 mask 255.255.255.0 192.168.56.1"
 
PsExec v2.11 - Execute processes remotely
Copyright (C) 2001-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
 
 
 확인!cmd exited on 192.168.56.103 with error code 0.

 

참고URL

- 설치 방법(ZETAWIKI) : http://zetawiki.com/wiki/Sysinternals_%EC%A0%9C%ED%92%88%EA%B5%B0 

- http://snoopybox.co.kr/1674