
Metasploit Standalone psexec

mubix has a great post here on using the standalone psexec in the tools folder for metasploit.

couple of notes since i had to use it this week.

1. it's now librex instead of rex, which should save you a few minutes of debugging the "can't find rex/proto" error :-)

2. make sure you comment out the stuff Rob mentions to  here:


3. the ocra stuff works as described.

4. the exe option is important as the metasploit psexec doesn't behave like sysinternals psexec.


The exe needs to be a service binary, so you can't just call cmd.exe like you can with the sysinternals psexec.
Normally metasploit uploads a service binary that kicks off your msf payload, so in this case you need a binary that behaves like a service. Rob gives us a hint with the one he uses in the example (adduser.exe).


so find yourself a service bin to do whatever it is you want it to do and use that with your standalone psexec. I ended up using an exe that made a local admin user and then used that for follow-on stuff, not optimal but was in a tight spot (hence using the standalone psexec to start with).

yup i stole mubix's pictures...he said it was ok.

-CG
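
From the defender's side, the sequence described above (a service binary installed over psexec that then creates a local admin user) shows up in Windows event logs as a recognizable chain. The sketch below is an added example, not code from the original post or from Metasploit: it correlates event 7045 (service installed) with 4720 (account created) and 4732 (member added to the built-in Administrators group, SID S-1-5-32-544) on the same host. The events, host names, SIDs and the 60-second window are constructed for illustration.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"  # built-in Administrators group, locale-independent
SID = "S-1-5-21-1111111111-2222222222-3333333333-"  # constructed machine SID prefix

# Constructed sample events (not real logs), already flattened to dicts.
EVENTS = [
    {"time": "2024-01-10T09:00:01", "host": "WS01", "id": 7045,
     "ServiceName": "BackupAgent", "ImagePath": r"C:\Program Files\Backup\agent.exe"},
    {"time": "2024-01-10T14:22:10", "host": "SRV02", "id": 7045,
     "ServiceName": "example-svc", "ImagePath": r"C:\Windows\example-svc.exe"},
    {"time": "2024-01-10T14:22:12", "host": "SRV02", "id": 4720,
     "TargetUserName": "svc_help", "TargetSid": SID + "1005"},
    {"time": "2024-01-10T14:22:12", "host": "SRV02", "id": 4732,
     "MemberSid": SID + "1005", "TargetSid": ADMINS_SID},
    {"time": "2024-01-10T16:05:00", "host": "WS01", "id": 4720,
     "TargetUserName": "newhire", "TargetSid": SID + "1006"},
]


def find_service_then_admin(events, window=timedelta(seconds=60)):
    """Flag a 7045 followed on the same host, within `window`, by a 4720
    whose new account is also added to the Administrators group by a 4732."""
    evs = sorted(({**e, "t": datetime.fromisoformat(e["time"])} for e in events),
                 key=lambda e: e["t"])
    findings = []
    for svc in (e for e in evs if e["id"] == 7045):
        near = [e for e in evs if e["host"] == svc["host"]
                and svc["t"] <= e["t"] <= svc["t"] + window]
        # 4720 TargetSid is the new account; 4732 TargetSid is the group.
        created = {e["TargetSid"]: e["TargetUserName"]
                   for e in near if e["id"] == 4720}
        for add in (e for e in near if e["id"] == 4732):
            if add["TargetSid"] == ADMINS_SID and add["MemberSid"] in created:
                findings.append({"host": svc["host"],
                                 "service": svc["ServiceName"],
                                 "image": svc["ImagePath"],
                                 "account": created[add["MemberSid"]]})
    return findings


if __name__ == "__main__":
    for finding in find_service_then_admin(EVENTS):
        print(finding)
```

Matching on the group SID rather than the group name keeps the check working on non-English Windows installs, where "Administrators" is localized.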
