Archive for October, 2010

Powershell – How to use a config file (ini, conf,…) with a Powershell Script ? Is it possible ?

2010/10/30

source: http://serverfault.com/questions/186030/how-to-use-a-config-file-ini-conf-with-a-powershell-script-is-it-possibl

Hi

Is it possible to use a configuration file with a PowerShell script ?

for example, the configuration file:

#links
link1=http://www.google.com
link2=http://www.apple.com
link3=http://www.microsoft.com

and then call this information in the PS1 script:

start-process iexplore.exe $Link1

thanks in advance for your help!!

Your answers put me on the good track and I found this

SETTINGS.TXT

#from http://tlingenf.spaces.live.com/blog/cns!B1B09F516B5BAEBF!213.entry
#
[General]
MySetting1=value

[Locations]
InputFile="C:\Users.txt"
OutputFile="C:\output.log"

[Other]
WaitForTime=20
VerboseLogging=True

POWERSHELL COMMAND

#from http://tlingenf.spaces.live.com/blog/cns!B1B09F516B5BAEBF!213.entry
#
Get-Content "C:\settings.txt" | ForEach-Object -Begin { $h = @{} } -Process {
    # Split on the first '=' only; skip blank lines, [section] headers and # comments
    $k = $_ -split '=', 2
    if ($k.Count -eq 2 -and $k[0] -notmatch '^\s*[\[#]') { $h[$k[0].Trim()] = $k[1].Trim() }
}

then

After executing the code snippet, a variable ($h) will contain the values in a HashTable.

Name                           Value
----                           -----
MySetting1                     value
VerboseLogging                 True
WaitForTime                    20
OutputFile                     "C:\output.log"
InputFile                      "C:\Users.txt"

To get an item from the table, use the command $h.Get_Item("MySetting1").
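
The question wants to pass a value from the file straight to Start-Process, so it helps to parse the file strictly and check each link before it is used. The following is an added example, not code from the original post; it goes beyond the one-liner by keeping sections, stripping wrapping quotes and accepting only http/https URLs. Read-IniFile, Get-SafeLink and the sample file content are assumptions made for illustration.

```powershell
# Added example: Read-IniFile and Get-SafeLink are hypothetical helper names.
function Read-IniFile([string[]]$Lines) {
    $ini = @{}; $section = 'General'
    foreach ($line in $Lines) {
        $line = $line.Trim()
        if ($line -eq '' -or $line -match '^[#;]') { continue }        # blank or comment
        if ($line -match '^\[(.+)\]$') { $section = $Matches[1]; continue }
        $key, $value = $line -split '=', 2                              # first '=' only
        if ($null -eq $value) { Write-Warning "Ignored line: $line"; continue }
        if (-not $ini.ContainsKey($section)) { $ini[$section] = @{} }
        $ini[$section][$key.Trim()] = $value.Trim().Trim('"')           # drop wrapping quotes
    }
    $ini
}

function Get-SafeLink([string]$Value) {
    # Accept only absolute http/https URLs; anything else returns $null
    $uri = $null
    if ([Uri]::TryCreate($Value, [UriKind]::Absolute, [ref]$uri) -and
        @('http', 'https') -contains $uri.Scheme) { return $uri.AbsoluteUri }
    $null
}

# Constructed sample config (would normally come from Get-Content)
$sample = @'
#links
[Links]
link1=http://www.google.com
link2=http://www.example.com/search?q=a=b
link3=file:///C:/temp/page.html
link4=notepad.exe
'@ -split "`r?`n"

$links = (Read-IniFile $sample)['Links']
foreach ($name in ($links.Keys | Sort-Object)) {
    $url = Get-SafeLink $links[$name]
    if ($url) { "OK      $name -> $url" }    # safe to pass: Start-Process iexplore.exe $url
    else      { "REJECT  $name -> $($links[$name])" }
}
```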

Categories: Knowledge, Powershell

Powershell – Finding Old Files

2010/10/30

source:http://powershell.com/cs/blogs/tips/archive/2008/11/20/finding-old-files.aspx

Occasionally, you might want to find files that are older than a given number of days in order to delete them or back them up. A simple filter can provide that functionality:
filter FileAge($days) { if ( ($_.CreationTime -le (Get-Date).AddDays($days * -1) )) { $_ } }

Pipe the result of a Dir into FileAge filter, and it will only let those files pass that are at least the specified number of days old. The following line finds all PowerShell Script files in your personal folder that are at least 10 days old:

Dir $home\*.ps1 | FileAge 10

You could easily delete or back up the resulting files like this:

Dir $home\*.ps1 | FileAge 10 | Del -WhatIf
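
FileAge compares CreationTime, which on Windows is set anew when a file is copied, while LastWriteTime is carried over. The following added example (not part of the original tip) shows the difference on two temporary files; Select-OldFile and the file names are assumptions made for illustration.

```powershell
# Added example: Select-OldFile is a hypothetical filter; all file names are constructed.
filter Select-OldFile([int]$Days, [string]$Property = 'LastWriteTime') {
    # Pass through files (not directories) whose chosen timestamp is at least $Days old
    if (-not $_.PSIsContainer -and $_.$Property -le (Get-Date).AddDays(-$Days)) { $_ }
}

$dir = Join-Path ([IO.Path]::GetTempPath()) ("fileage-" + [Guid]::NewGuid())
New-Item -ItemType Directory -Path $dir | Out-Null
try {
    # Simulates a script copied here today: new CreationTime, old LastWriteTime
    $copied = New-Item -ItemType File -Path (Join-Path $dir 'copied.ps1')
    $copied.LastWriteTime = (Get-Date).AddDays(-30)
    New-Item -ItemType File -Path (Join-Path $dir 'fresh.ps1') | Out-Null

    $byCreation = @(Get-ChildItem $dir | Select-OldFile -Days 10 -Property CreationTime)
    $byWrite    = @(Get-ChildItem $dir | Select-OldFile -Days 10)
    "CreationTime  matches: $($byCreation.Count)"
    "LastWriteTime matches: $($byWrite.Count)"
    $byWrite | Select-Object Name, CreationTime, LastWriteTime

    # Review before deleting: -WhatIf only reports what Remove-Item would do
    $byWrite | Remove-Item -WhatIf
}
finally {
    Remove-Item -Recurse -Force $dir
}
```
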
Categories: Knowledge, Powershell

Active Directory – Saved Queries (ADUC MMC)

2010/10/30
Tags: AD Active Directory ADUC mmc saved queries query ldap
Windows XP Computers with Service Pack 2 Installed
(&(objectCategory=computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 2))
Windows XP Computers with Service Pack 1 Installed
(&(operatingSystem=Windows XP*l)(operatingSystemServicePack=Service Pack 1))
Windows XP Computers with No Service Pack Installed
Notice the “!” before operatingSystemServicePack and the “*”. The “!” means NOT, so the statement reads “NOT equal to anything” instead of NULL or empty quotes (””) as in some other languages.
(&(operatingSystem=Windows XP Professional)(!operatingSystemServicePack=*))
Windows Server 2003 No Service Pack 1
(&(objectCategory=computer)(operatingSystem=Windows Server 2003)(!operatingSystemServicePack=*))
Windows Server 2003 Service Pack 1 Installed
(&(objectCategory=computer)(operatingSystem=Windows Server 2003)(operatingSystemServicePack=Service Pack 1))
Windows 2000 Professional
(&(objectCategory=computer)(operatingSystem=Windows 2000 Professional))
Windows 2000 Server
(&(objectCategory=computer)(operatingSystem=Windows 2000 Server))
All Windows Server 2003 Servers
(&(objectCategory=computer)(operatingSystem=Windows Server 2003))
SQL Servers (running on Windows 2003) (please verify in your environment)
(&(objectCategory=computer)(servicePrincipalName=MSSQLSvc*)(operatingSystem=Windows Server 2003))
SQL Servers any Windows Server OS
(&(objectCategory=computer)(servicePrincipalName=MSSQLSvc*)(operatingSystem=Windows Server*))
Exchange Servers (running on Windows 2003) (please verify in your environment)
(&(objectCategory=computer)(servicePrincipalName=exchangeMDB*)(operatingSystem=Windows Server 2003))
Exchange Servers any Windows Server OS
(&(objectCategory=computer)(servicePrincipalName=exchangeMDB*)(operatingSystem=Windows Server*))
Windows Vista SP1
(&(objectCategory=computer)(operatingSystem=Windows Vista*)(operatingSystemServicePack=Service Pack 1))
Windows Server 2008 Enterprise
(&(objectCategory=computer)(operatingSystem=Windows Server® 2008 Enterprise)(operatingSystemServicePack=Service Pack 1))
Windows Server 2008 (all versions)
(&(objectCategory=computer)(operatingSystem=Windows Server® 2008*))
Notice the ® in the Windows 2008 values, it needs to be in the query or there won’t be any results.
Groups Like Service (finds any group name that contains the word service)
(objectcategory=group)(samaccountname=*service*)
Description Like Service (finds accounts in which the description contains the word service)
(objectcategory=person)(description=*service*)
Groups Like Admin (finds any groups whose name contains the word admin)
(objectcategory=group)(samaccountname=*admin*)
Universal Groups (finds groups with universal scope)
(groupType:1.2.840.113556.1.4.803:=8)
Groups with No Members (finds groups that have no members in them)
(objectCategory=group)(!member=*)
Note: The ! symbol means “Not” and * means “Has a value,” so the combination of the two evaluates to “Doesn’t have a value.”
Global, Domain Local, or Universal Groups (finds any group defined as a Global Group, a Domain Local Group, or a Universal Group)
(groupType:1.2.840.113556.1.4.804:=14)
Global, Domain Local, or Universal Groups with No Members (finds any group defined as a Global Group, a Domain Local Group, or a Universal Group that has no members)
(groupType:1.2.840.113556.1.4.804:=14)(!member=*)
User Like Service (finds any account ID that has a name containing the word service)
(objectcategory=person)(samaccountname=*service*)
Password Does Not Expire (finds user accounts with nonexpiring passwords)
(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
No Employee ID (finds any user account that has no employeeid value)
(objectcategory=person)(!employeeid=*)
No Login Script (finds accounts that don’t run a logon script)
(objectcategory=person)(!scriptPath=*)
No Profile Path (finds accounts that don’t have roaming profiles)
(objectcategory=person)(!profilepath=*)
Must Change Password and Not Disabled (finds nondisabled accounts that must change their password at next logon)
(objectCategory=person)(objectClass=user)(pwdLastSet=0)(!useraccountcontrol:1.2.840.113556.1.4.803:=2)
UserList Exclude Disabled Account (finds all user accounts except those that are disabled)
(objectCategory=person)(objectClass=user)(!useraccountcontrol:1.2.840.113556.1.4.803:=2)
Locked Out Accounts (finds all locked out accounts)
(objectCategory=person)(objectClass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=16)
Domain Local Groups (finds groups with Domain Local scope)
(groupType:1.2.840.113556.1.4.803:=4)
Users with Email Address (finds accounts that have an email address)
(objectcategory=person)(mail=*)
Users with No Email Address (finds accounts with no email address)
(objectcategory=person)(!mail=*)
Find Groups that contains the word admin
(objectcategory=group)(samaccountname=*admin*)
Find users who have admin in description field
(objectcategory=person)(description=*admin*)
Find all Universal Groups
(groupType:1.2.840.113556.1.4.803:=8)
Empty Groups with No Members
(objectCategory=group)(!member=*)
Finds all groups defined as a Global Group, a Domain Local Group, or a Universal Group
(groupType:1.2.840.113556.1.4.804:=14)
Find all User with the name Bob
(objectcategory=person)(samaccountname=*Bob*)
Find user accounts with passwords set to never expire
(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
Find all users that never log in to domain
(&(&(objectCategory=person)(objectClass=user))(|(lastLogon=0)(!(lastLogon=*))))
Find user accounts with no log on script
(objectcategory=person)(!scriptPath=*)
Find user accounts with no profile path
(objectcategory=person)(!profilepath=*)
Finds non disabled accounts that must change their password at next logon
(objectCategory=person)(objectClass=user)(pwdLastSet=0)(!useraccountcontrol:1.2.840.113556.1.4.803:=2)
Finds all disabled accounts in active directory
(objectCategory=person)(objectClass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=2)
Finds all locked out accounts
(objectCategory=person)(objectClass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=16)
Finds Domain Local Groups
(groupType:1.2.840.113556.1.4.803:=4)
Finds all Users with Email Address set
(objectcategory=person)(mail=*)
Finds all Users with no Email Address
(objectcategory=person)(!mail=*)
Find all Users, Groups or Contacts where Company or Description is Contractors
(|(objectcategory=user)(objectcategory=group)(objectcategory=contact))(|(description=North*)(company=Contractors*))
Find all Users with Mobile numbers 712 or 155
(objectcategory=user)(|(mobile=712*)(mobile=155*))
Find all Users with Dial-In permissions
(objectCategory=user)(msNPAllowDialin=TRUE)
Find All printers with Color printing capability
Note: server name must be changed
(&(&(&(uncName=*Servername*)(objectCategory=printQueue)(printColor=TRUE))))
Find Users Mailboxes Overriding Exchange Size Limit Policies
(&(objectCategory=user)(mDBUseDefaults=FALSE))
Find all Users that need to change password on next login.
(&(objectCategory=user)(pwdLastSet=0))
Find all Users that are almost Locked-Out
Notice the “>=” that means “Greater than or equal to”.
(objectCategory=user)(badPwdCount>=2)
Find all Computers that do not have a Description
(objectCategory=computer)(!description=*)
Find all users with Hidden Mailboxes
(&(objectCategory=person)(objectClass=user)(msExchHideFromAddressLists=TRUE))
Find all Windows 2000 SP4 computers
(&(&(&(objectCategory=Computer)(operatingSystem=Windows 2000 Professional)(operatingSystemServicePack=Service Pack 4))))
Find all Windows XP SP2 computers
(&(&(&(&(&(&(&(objectCategory=Computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 2))))))))
Find all Windows XP SP3 computers
(&(&(&(&(&(&(&(objectCategory=Computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 3))))))))
Find all Vista SP1 computers
(&(&(&(&(sAMAccountType=805306369)(objectCategory=computer)(operatingSystem=Windows Vista*)(operatingSystemServicePack=Service Pack 1)))))
Find All Workstations
(sAMAccountType=805306369)
Find all 2003 Servers Non-DCs
(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2003*)))
Find all 2003 Servers – DCs
(&(&(&(samAccountType=805306369)(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server 2003*))))
Find all Server 2008
(&(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2008*))))
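
Several filters above contain 1.2.840.113556.1.4.803 or 1.2.840.113556.1.4.804. These are Active Directory's bitwise matching rules: 803 matches when every bit of the given value is set (AND), 804 when at least one is set (OR). The following added example, which is not part of the original list, evaluates such clauses offline; Test-BitFilter and all sample objects are constructed for illustration, and the last filter (803 with 14) is added only to contrast the two rules.

```powershell
# Added example. Test-BitFilter is a hypothetical helper; all objects below are constructed.
$RuleAnd = '1.2.840.113556.1.4.803'   # bitwise AND: every bit of the mask must be set
$RuleOr  = '1.2.840.113556.1.4.804'   # bitwise OR: at least one bit of the mask is set

function Test-BitFilter([hashtable]$Object, [string]$Filter) {
    # Evaluate one "(attr:OID:=mask)" or "(!attr:OID:=mask)" clause
    if ($Filter -notmatch '^\((?<not>!?)(?<attr>\w+):(?<oid>[\d.]+):=(?<mask>\d+)\)$') {
        throw "Unsupported filter: $Filter"
    }
    $negate = $Matches['not'] -eq '!'
    $oid    = $Matches['oid']
    $mask   = [long]$Matches['mask']
    $value  = [long]$Object[$Matches['attr']]     # hashtable keys are case-insensitive
    if     ($oid -eq $RuleAnd) { $hit = ($value -band $mask) -eq $mask }
    elseif ($oid -eq $RuleOr)  { $hit = ($value -band $mask) -ne 0 }
    else   { throw "Unknown matching rule: $oid" }
    if ($negate) { -not $hit } else { $hit }
}

$users = @(
    @{ name = 'jdoe';       userAccountControl = 512 }      # NORMAL_ACCOUNT
    @{ name = 'svc-backup'; userAccountControl = 66048 }    # 512 + 65536 DONT_EXPIRE_PASSWORD
    @{ name = 'old-temp';   userAccountControl = 514 }      # 512 + 2 ACCOUNTDISABLE
)
$groups = @(
    @{ name = 'GG-Helpdesk';  groupType = -2147483646 }     # 0x80000000 security + 2 global
    @{ name = 'DL-FileShare'; groupType = -2147483644 }     # 0x80000000 security + 4 domain local
    @{ name = 'UG-AllStaff';  groupType = 8 }               # universal distribution group
)

$checks = @(
    @{ Objects = $users;  Filter = '(userAccountControl:1.2.840.113556.1.4.803:=65536)' }
    @{ Objects = $users;  Filter = '(!useraccountcontrol:1.2.840.113556.1.4.803:=2)' }
    @{ Objects = $groups; Filter = '(groupType:1.2.840.113556.1.4.803:=8)' }
    @{ Objects = $groups; Filter = '(groupType:1.2.840.113556.1.4.804:=14)' }
    @{ Objects = $groups; Filter = '(groupType:1.2.840.113556.1.4.803:=14)' }
)
foreach ($c in $checks) {
    $filter = $c.Filter
    $names  = $c.Objects | Where-Object { Test-BitFilter $_ $filter } | ForEach-Object { $_.name }
    '{0,-55} -> {1}' -f $filter, ($names -join ', ')
}
```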

mRemoteNG – External Applications

2010/10/30

Application: Windows Computer Manager

This will let you launch the Windows Computer Management MMC against the selected host. This MMC will let you view event logs, manage users, configure disks, manage services, and a whole bunch more.
Filename: C:\windows\system32\compmgmt.msc
Arguments: /Computer=%Hostname%

Application: Zenmap GUI
Zenmap is a GUI front-end for nmap. This is the standard port-scanning tool in use by anybody who knows the difference. Gives you all sorts of detail you won’t find in the built-in port scanning tool.
Filename: C:\Program Files\Nmap\zenmap.exe
Arguments: -p "Quick scan plus" -t %Hostname%

Application: WinSCP
WinSCP is a great, free GUI Secure Copy program.
Filename: C:\Program Files\WinSCP\WinSCP.exe
Arguments: scp://%Username%:%Password%@%Hostname%/ 

Application: FileZilla FTP
Free and open source FTP client for most platforms.
Filename: C:\Program Files\FileZilla FTP Client\filezilla.exe
Arguments: ftp://%Username%:%Password%@%Hostname%

Application: FileZilla SFTP
Same as above, but using the Secure FTP (SFTP) protocol.
Filename: C:\Program Files\FileZilla FTP Client\filezilla.exe
Arguments: sftp://%Username%:%Password%@%Hostname%

Application: VMware Virtual Infrastructure Client
This is specific to anybody managing a VMware vSphere or ESX environment. This will launch the VI client against the selected host. If the host is an ESX server, it will simply connect to the ESX server. If the host is a Windows machine running vCenter, it will attach to the full vCenter environment.
Filename: C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\VpxClient.exe
Arguments: -s %Hostname% -u %Username% -p %Password%

 

 

 

Application: Firefox
I personally don’t like the browser integration in mRemoteNG. It doesn’t allow me to use all of my Firefox plugins. Therefore I just use an external app to launch websites.
Filename: C:\Program Files\Mozilla Firefox\firefox.exe
Arguments: %Hostname%

Application: Ping
It’s ping, needs no explanation
Filename: cmd
Arguments: /c ping -t %HostName%

Application: Traceroute
Again, no explanation needed…
Filename: cmd
Arguments: /c set /P = | tracert %HostName%

Application: Cygwin
What’s better than managing all kinds of remote servers with mRemoteNG? Locally managing with mRemoteNG of course! Just install Cygwin and the mintty.
Filename: C:\cygwin\bin\mintty.exe
Arguments:

Application: TOAD
Filename: C:\Program Files\Quest Software\Toad for Oracle\TOAD.exe
Arguments: Connect=%Username%/%Password%@%UserField%

I use the UserField for the SID
BUT WATCH OUT: they’ve changed the command line syntax between versions (just search within your TOAD Help for command line)

Application: mcgetmac (MC-WOL Homepage)
Description: find the MAC of a PC (useful for MC-WOL – see below)
Filename: Apps\MC-WOL\mcgetmac.bat
Arguments: %Hostname%

Download the mcgetmac.exe, put it to mRemoteNG’s subfolder (Apps\MC-WOL) and create a mcgetmac.bat with the following 2 lines

mcgetmac.bat

@Apps\MC-WOL\mcgetmac.exe %1

@pause

Application: Wake-On-LAN (MC-WOL Homepage)
Description: wake up a remote PC over the network (find the MAC by using the mcgetmac.bat from above)
Filename: Apps\MC-WOL\mc-wol.exe
Arguments: %MacAddress% /a %Hostname%

 

Application: Google Chrome
Filename: \portable\GoogleChromePortable\GoogleChromePortable.exe
Arguments: %HostName%

Application: Internet Explorer
Filename: Internet Explorer\IEXPLORE.EXE
Arguments: %HostName%

Application: Samba
Filename: \portable\Notepad++Portable\Notepad++Portable.exe
Arguments: \samba\%Hostname%_sambaconf.txt

Application: Traceroute
Filename: cmd
Arguments: /c set /P = | tracert %HostName%

Application: Ping
Filename: cmd
Arguments: /c ping -t %HostName%

Application: VNC Viewer
Filename: \portable\vnc\vnc-4_1_2-x86_win32_viewer.exe
Arguments: %HostName%

Application: Windows Computer Manager
Filename: C:\WINDOWS\system32\compmgmt.msc
Arguments: /Computer=%HostName%

Application: WinSCP
Filename: \portable\WinSCP\WinSCP.exe
Arguments: scp://%Username%:%Password%@%Hostname%/

Application: Zabbix
Filename: /zabbix/search.php?search=%HostName%
Arguments:

Application: Zenmap GUI
Filename: \portable\Nmap\zenmap.exe
Arguments: -p "Quick scan plus" -t %Hostname%

Application: Check Remoteconnection
Filename: check_remote.bat
Arguments: %HostName%

@echo off & setlocal

rem Use the host passed by mRemoteNG, or prompt for one if no argument was given
IF "%1"=="" (
GOTO MANUAL
) ELSE (
GOTO AUTO
)

:AUTO
set IP=%1
qwinsta /server:%IP%
GOTO CHOICE

:MANUAL
rem Prompt: "Enter current IP or server name"
set /p IP=Aktuelle IP oder Servernamen eingeben: 
qwinsta /server:%IP%
GOTO CHOICE

:CHOICE
rem Menu: [1] disconnect a session, [2] quit
echo Auswahl:
echo [1] eine Verbindung trennen
echo [2] Beenden

SET /P auswahl=[1,2]?
for %%? in (1) do if /I "%auswahl%"=="%%?" goto DISCONNECT
for %%? in (2) do if /I "%auswahl%"=="%%?" goto ENDE
goto CHOICE

:DISCONNECT
rem Prompt: "Enter session ID"
set /p ID=Session ID eingeben:
rwinsta /server:%IP% %ID%

:ENDE
PAUSE

Application: Configure Samba
Filename: configure_Samba.bat
Arguments: %HostName% %username% %password%

@echo off & setlocal
set Hostname=%1
set Username=%2
set Password=%3

rem Try the Ubuntu location of smb.conf first; fall back to the SUSE location on error
:UBUNTU
\portable\WinSCP\WinSCP.com /command "open scp://%Username%:%Password%@%Hostname%" "lcd \samba" "get /etc/samba/smb.conf" "exit"
IF ERRORLEVEL 1 GOTO SUSE
GOTO Notepad_UBUNTU

:SUSE
\portable\WinSCP\WinSCP.com /command "open scp://%Username%:%Password%@%Hostname%" "lcd \samba" "get /usr/local/samba/lib/smb.conf" "exit"
GOTO Notepad_SUSE

rem Edit the file locally, keep a per-host copy, then upload it and restart Samba
:Notepad_UBUNTU
"\portable\Notepad++Portable\Notepad++Portable.exe" \samba\smb.conf
PAUSE
xcopy \samba\smb.conf \samba\%Hostname%_sambaconf.txt /Y
\portable\WinSCP\WinSCP.com /command "open scp://%Username%:%Password%@%Hostname%" "cd /etc/samba/" "put \samba\smb.conf" "call /etc/init.d/samba restart" "exit"
GOTO Ende

:Notepad_SUSE
"\portable\Notepad++Portable\Notepad++Portable.exe" \samba\smb.conf
PAUSE
xcopy \samba\smb.conf \samba\%Hostname%_sambaconf.txt /Y
\portable\WinSCP\WinSCP.com /command "open scp://%Username%:%Password%@%Hostname%" "cd /usr/local/samba/lib/" "put \samba\smb.conf" "call /etc/init.d/samba restart" "exit"
GOTO Ende

:Ende
PAUSE


Sysinternals tools: http://technet.microsoft.com/en-us/sysi … fault.aspx
SYDI: http://sydiproject.com/

Application: [HTTPS] Dell OpenManage [port 1311]
Filename: iexplore
Arguments: https://%Hostname%:1311

Application: [HTTPS] HP HomePage [2381]
Filename: iexplore
Arguments: https://%Hostname%:2381

Application: [HTTPS] ILO [81]
Filename: iexplore
Arguments: https://ilo-%Hostname%:81

Application: [HTTPS] LocalHost [80]
Filename: iexplore
Arguments: http://%hostname%

Application: [MSC] Compmgmt
Filename: compmgmt.msc
Arguments: /computer:%hostname%

Application: [MSC] Services
Filename: services.msc
Arguments: /computer:%hostname%

Application: [TOOL] Inventory with SYDI
Filename: cmd
Arguments: /k cscript %mremote%\scripts\sydi\sydi-server.vbs -wabefghipPqrsu -racdklp -ew -f10 -d -t%hostname%
You need to have MSWORD on your machine (you can also export in xml/html)

Application: [TOOL] Command Prompt (using SysInternals PSEXEC)
Filename: cmd
Arguments: /k %tools%\psexec.exe \\%hostname% cmd.exe
In my case I added %tools% (system variable)

Application: [TOOL] Files Opened (using SysInternals PSFiLE)
Filename: cmd
Arguments: /k %tools%\psfile.exe \\%hostname%

Application: [TOOL] Logged-on users (using SysInternals psloggedon.exe)
Filename: cmd
Arguments: /k %tools%\psloggedon.exe \\%hostname%

Application: Netstat (Listening ports)(using Sysinternals PSEXEC)
Filename: cmd
Arguments: /k %tools%\psexec.exe \\%hostname% netstat -nab |find /i

Application: Nslookup
Filename: cmd
Arguments: /K nslookup %hostname%

Application: RDP /Admin (Console Session)
Filename: cmd
Arguments: /c mstsc /v:%hostname%:3389 /admin

Application: Processes List (Powershell)
Filename: powershell
Arguments: -noexit Get-wmiobject win32_process -computername %hostname% | Select-Object __server,name,processid,sessionid,vm,ws,description,executablepath,osname,windowsversion,__path | Out-GridView

Application: Shares List (Powershell)
Filename: powershell
Arguments: -noexit Get-WmiObject win32_share -computer %hostname%|sort name|fl

Application: Shutdown GUi
Filename: shutdown
Arguments: /i /m %hostname%
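
In the WinSCP, FileZilla, VMware and TOAD entries above, mRemoteNG substitutes %Password% into the argument string, so the password becomes part of the child process's command line, where process listings and command-line process-creation auditing can record it. The following added example, which is not from the original posts, flags and redacts the three argument shapes used on this page in captured command lines; Find-CommandLineSecret, the rule names and the sample lines are constructed for illustration.

```powershell
# Added example: Find-CommandLineSecret is a hypothetical helper; sample lines are constructed.
$patterns = @(
    # scheme://user:password@host  (WinSCP and FileZilla entries)
    @{ Name = 'url-userinfo'
       Regex = '(?i)\b(?<pre>(?:scp|sftp|ftp|https?)://[^:/@\s]+:)(?<secret>[^@\s]+)(?=@)' }
    # -u user -p password  (VpxClient entry)
    @{ Name = 'dash-u-dash-p'
       Regex = '(?i)(?<pre>\s-u\s+\S+\s+-p\s+)(?<secret>\S+)' }
    # Connect=user/password@sid  (TOAD entry)
    @{ Name = 'connect-string'
       Regex = '(?i)(?<pre>\bConnect=[^/\s]+/)(?<secret>[^@\s]+)(?=@)' }
)

function Find-CommandLineSecret([string]$CommandLine) {
    foreach ($p in $patterns) {
        if ([regex]::IsMatch($CommandLine, $p.Regex)) {
            # Report the rule and a redacted copy; never echo the secret itself
            $redacted = [regex]::Replace($CommandLine, $p.Regex, '${pre}****')
            return New-Object psobject -Property @{ Rule = $p.Name; Redacted = $redacted }
        }
    }
}

# Constructed command lines, as they might appear in process-creation logs
$samples = @(
    'C:\Program Files\WinSCP\WinSCP.exe scp://admin:Example-Pw1@srv01/'
    'C:\Program Files\FileZilla FTP Client\filezilla.exe sftp://web:Example-Pw2@srv02'
    'C:\Program Files\VMware\Infrastructure\Virtual Infrastructure Client\Launcher\VpxClient.exe -s esx01 -u root -p Example-Pw3'
    'C:\Program Files\Quest Software\Toad for Oracle\TOAD.exe Connect=scott/Example-Pw4@ORCL'
    'C:\Program Files\Nmap\zenmap.exe -p "Quick scan plus" -t srv01'
    'cmd /c ping -t srv01'
)
foreach ($line in $samples) {
    $hit = Find-CommandLineSecret $line
    if ($hit) { '[{0}] {1}' -f $hit.Rule, $hit.Redacted }
    else      { '[clean] {0}' -f $line }
}
```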

Hello world!

2010/10/29

Write-Host "Hello World!"

Categories: Knowledge