Psexec (PsTools) is a toolset consisting of following tools:
- PSexec used to execute commands at remote or get a shell from a remote system
- PsFile used to list file and folders at remote system
- PsGetSid used to display security identifier for remote computer or user
- PsInfo used to get detailed information about the remote system
- PsKill used to kill process at the remote system according to name or ID
- PsList used to list processes in detail at the remote system
- PsLoggedOn used to list logged on users in the remote systems
- PsLogList used to list event logs resides on the remote systems
- PsPasswd used to change given user password on the remote system
- PsPing used to ping from remote system
- PsServervice used to list and manage Windows services on the remote system
- PsShutdown used to shutdown, log off, suspend and restart remote Windows system
- PsSuspend used to suspend and resume processes on the remote Windows system.
Most common syntax
psexec \\computer command [arguments] psexec @run_file [options] command [arguments]
Options:
- computer: The computer on which psexec will run command. Default = local system
- To run against all computers in the current domain enter “\\*”
- @run_file Run command on every computer listed in the text file specified.
- command: Name of the program to execute
- arguments: Arguments to pass (file paths must be absolute paths on the target system)
Some examples:
- Launch an interactive command prompt on \\DGEXXXXX, the CMD prompt window will appear locally:
psexec \\DGEXXXXX cmd
- Connect to workstation64 and run IPCONFIG to display the remote PC’s IP address:
psexec \\DGEXXXXX ipconfig
- Connect to workstation64 and list a directory:
psexec \\DGEXXXXX -s cmd /c dir c:\work
- Execute IpConfig on the remote system, and display the output locally:
psexec \\DGEXXXXX ipconfig /all#sysadmin #tools #windows