runAs tool using Psexec

Open Th3LionH3ad opened this issue 4 years ago • 4 comments

Hello, I tried to understand how to use runAs with psexec but I always get: "Starting cmd on X ...n X...ing to Y... cmd exited on Y with error code 0."

and I didn't get the shell.

I'm using the command:

JetBrains.runAs.exe -p:[PASS] -u:[DOMAIN][USER] PsExec.exe [Destination IP] cmd

thanks.

Th3LionH3ad avatar May 07 '20 15:05 Th3LionH3ad

@Th3LionH3ad could you add `-l:debug` and attach the output?

NikolayPianikov avatar May 17 '20 19:05 NikolayPianikov

Hello Nikolay,

DEBUG: JetBrains RunAs x64 1.0.0.061
DEBUG: main::Run starting
DEBUG: Runner::Create a job
DEBUG: Runner::Configure all child processes associated with the job to terminate when the parent is terminated
DEBUG: Job::SetInformation
DEBUG: Runner::Assign the current process to the job
DEBUG: Job::AssignProcessToJob
DEBUG: ProcessesSelector::SelectProcesses
DEBUG: ProcessesSelector::SelectProcesses push Process
DEBUG: ::GetStdHandle(STD_OUTPUT_HANDLE)
DEBUG: ::GetStdHandle(STD_ERROR_HANDLE)
DEBUG: SecurityManager::GetTokenInformation - Get the required buffer size.
DEBUG: SecurityManager::GetTokenInformation - Get the token information from the access token.
DEBUG: ProcessTracker::InitializeConsoleRedirection
DEBUG: Environment::CreateForCurrentProcess
DEBUG: SET "=::=::" (from API results)
DEBUG: SET "=C:=C:\Test" (from API results)
DEBUG: SET "=ExitCode=FFFE795D" (from API results)
DEBUG: SET "=F:=F:" (from API results)
DEBUG: SET "ALLUSERSPROFILE=C:\ProgramData" (from API results)
DEBUG: SET "APPDATA=C:\Users\Administrator\AppData\Roaming" (from API results)
DEBUG: SET "CommonProgramFiles=C:\Program Files\Common Files" (from API results)
DEBUG: SET "CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files" (from API results)
DEBUG: SET "CommonProgramW6432=C:\Program Files\Common Files" (from API results)
DEBUG: SET "COMPUTERNAME=SA-Computer" (from API results)
DEBUG: SET "ComSpec=C:\windows\system32\cmd.exe" (from API results)
DEBUG: SET "DriverData=C:\Windows\System32\Drivers\DriverData" (from API results)
DEBUG: SET "FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer" (from API results)
DEBUG: SET "FPS_BROWSER_USER_PROFILE_STRING=Default" (from API results)
DEBUG: SET "HOMEDRIVE=C:" (from API results)
DEBUG: SET "HOMEPATH=\Users\Administrator" (from API results)
DEBUG: SET "LOCALAPPDATA=C:\Users\Administrator\AppData\Local" (from API results)
DEBUG: SET "LOGONSERVER=\SA-Computer" (from API results)
DEBUG: SET "NUMBER_OF_PROCESSORS=4" (from API results)
DEBUG: SET "OneDrive=C:\Users\Administrator\OneDrive" (from API results)
DEBUG: SET "OS=Windows_NT" (from API results)
DEBUG: SET "Path=C:\windows\system32;C:\windows;C:\windows\System32\Wbem;" (from API results)
DEBUG: SET "PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC" (from API results)
DEBUG: SET "PROCESSOR_ARCHITECTURE=AMD64" (from API results)
DEBUG: SET "PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel" (from API results)
DEBUG: SET "PROCESSOR_LEVEL=6" (from API results)
DEBUG: SET "PROCESSOR_REVISION=3a09" (from API results)
DEBUG: SET "PROG27B48B2C051=1" (from API results)
DEBUG: SET "PROG27B48B2C056=1" (from API results)
DEBUG: SET "ProgramData=C:\ProgramData" (from API results)
DEBUG: SET "ProgramFiles=C:\Program Files" (from API results)
DEBUG: SET "ProgramFiles(x86)=C:\Program Files (x86)" (from API results)
DEBUG: SET "ProgramW6432=C:\Program Files" (from API results)
DEBUG: SET "PROMPT=$P$G" (from API results)
DEBUG: SET "PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\windows\system32\WindowsPowerShell\v1.0\Modules" (from API results)
DEBUG: SET "PUBLIC=C:\Users\Public" (from API results)
DEBUG: SET "SESSIONNAME=Console" (from API results)
DEBUG: SET "SystemDrive=C:" (from API results)
DEBUG: SET "SystemRoot=C:\windows" (from API results)
DEBUG: SET "TEMP=C:\Users\ADMINI~1\AppData\Local\Temp" (from API results)
DEBUG: SET "TMP=C:\Users\ADMINI~1\AppData\Local\Temp" (from API results)
DEBUG: SET "USERDOMAIN=SA-Computer" (from API results)
DEBUG: SET "USERDOMAIN_ROAMINGPROFILE=SA-Computer" (from API results)
DEBUG: SET "USERNAME=Administrator" (from API results)
DEBUG: SET "USERPROFILE=C:\Users\Administrator" (from API results)
DEBUG: SET "windir=C:\windows" (from API results)
DEBUG: Environment::Override
DEBUG: Environment::Copy environment variables from base environment
DEBUG: SET "=::=::" (set value)
DEBUG: SET "=C:=C:\Test" (set value)
DEBUG: SET "=ExitCode=FFFE795D" (set value)
DEBUG: SET "=F:=F:" (set value)
DEBUG: SET "ALLUSERSPROFILE=C:\ProgramData" (set value)
DEBUG: SET "APPDATA=C:\Users\Administrator\AppData\Roaming" (set value)
DEBUG: SET "CommonProgramFiles=C:\Program Files\Common Files" (set value)
DEBUG: SET "CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files" (set value)
DEBUG: SET "CommonProgramW6432=C:\Program Files\Common Files" (set value)
DEBUG: SET "COMPUTERNAME=SA-Computer" (set value)
DEBUG: SET "ComSpec=C:\windows\system32\cmd.exe" (set value)
DEBUG: SET "DriverData=C:\Windows\System32\Drivers\DriverData" (set value)
DEBUG: SET "FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer" (set value)
DEBUG: SET "FPS_BROWSER_USER_PROFILE_STRING=Default" (set value)
DEBUG: SET "HOMEDRIVE=C:" (set value)
DEBUG: SET "HOMEPATH=\Users\Administrator" (set value)
DEBUG: SET "LOCALAPPDATA=C:\Users\Administrator\AppData\Local" (set value)
DEBUG: SET "LOGONSERVER=\SA-Computer" (set value)
DEBUG: SET "NUMBER_OF_PROCESSORS=4" (set value)
DEBUG: SET "OneDrive=C:\Users\Administrator\OneDrive" (set value)
DEBUG: SET "OS=Windows_NT" (set value)
DEBUG: SET "Path=C:\windows\system32;C:\windows;C:\windows\System32\Wbem;" (set value)
DEBUG: SET "PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC" (set value)
DEBUG: SET "PROCESSOR_ARCHITECTURE=AMD64" (set value)
DEBUG: SET "PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel" (set value)
DEBUG: SET "PROCESSOR_LEVEL=6" (set value)
DEBUG: SET "PROCESSOR_REVISION=3a09" (set value)
DEBUG: SET "PROG27B48B2C051=1" (set value)
DEBUG: SET "PROG27B48B2C056=1" (set value)
DEBUG: SET "ProgramData=C:\ProgramData" (set value)
DEBUG: SET "ProgramFiles=C:\Program Files" (set value)
DEBUG: SET "ProgramFiles(x86)=C:\Program Files (x86)" (set value)
DEBUG: SET "ProgramW6432=C:\Program Files" (set value)
DEBUG: SET "PROMPT=$P$G" (set value)
DEBUG: SET "PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\windows\system32\WindowsPowerShell\v1.0\Modules" (set value)
DEBUG: SET "PUBLIC=C:\Users\Public" (set value)
DEBUG: SET "SESSIONNAME=Console" (set value)
DEBUG: SET "SystemDrive=C:" (set value)
DEBUG: SET "SystemRoot=C:\windows" (set value)
DEBUG: SET "TEMP=C:\Users\ADMINI~1\AppData\Local\Temp" (set value)
DEBUG: SET "TMP=C:\Users\ADMINI~1\AppData\Local\Temp" (set value)
DEBUG: SET "USERDOMAIN=SA-Computer" (set value)
DEBUG: SET "USERDOMAIN_ROAMINGPROFILE=SA-Computer" (set value)
DEBUG: SET "USERNAME=Administrator" (set value)
DEBUG: SET "USERPROFILE=C:\Users\Administrator" (set value)
DEBUG: SET "windir=C:\windows" (set value)
DEBUG: Environment::Override environment variables from source environment
DEBUG: Environment::CreateFormList
DEBUG: Environment::Apply
DEBUG: ::CreateProcess
DEBUG: Runner::Run failed
DEBUG: Runner::Run error code: 3
DEBUG: Runner::Run error description: The system cannot find the file specified.

DEBUG: Runner::Run finished
DEBUG: main::Run finished
DEBUG: main::Create results
JetBrains RunAs x64 1.0.0.061
Copyright (C) 2017 JetBrains. All rights reserved.
Runs a process under the specified windows user account.

Argument(s): -l:debug psexec \10.10.0.100 cmd

Settings:

user_name:
domain:
working_directory: C:\Test
exit_code_base: -100000
integrity_level: auto
inheritance_mode: auto
show_mode: hide
self_testing: 0
executable: psexec
command_line_args: \10.10.0.100 cmd

Error code: -100003

Th3LionH3ad avatar May 19 '20 13:05 Th3LionH3ad

@Th3LionH3ad Try using a full path for your executable

NikolayPianikov avatar Oct 08 '20 08:10 NikolayPianikov
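
A diagnostic for the failure discussed in this thread, added here as an example (not code from runAs or its maintainers): it reads the child environment's Path, the working directory and the executable from the debug output and lists where a bare `psexec` would be looked for. The search model (working directory, then Path entries, `.exe` appended when no extension is given) is a simplifying assumption, and `C:\Tools\PsTools` and the file listing are constructed.

```python
import ntpath
import re

# Constructed excerpt: individual lines taken from the debug output above.
SAMPLE_LOG = r'''
DEBUG: SET "Path=C:\windows\system32;C:\windows;C:\windows\System32\Wbem;" (set value)
DEBUG: ::CreateProcess
DEBUG: Runner::Run error description: The system cannot find the file specified.
working_directory: C:\Test
executable: psexec
'''

# Constructed file listing standing in for the real disk (assumption).
KNOWN_FILES = {r"c:\tools\pstools\psexec.exe", r"c:\windows\system32\cmd.exe"}


def fake_exists(path):
    """Case-insensitive lookup in the constructed listing."""
    return ntpath.normcase(path) in KNOWN_FILES


def parse_log(text):
    """Extract the child Path, working directory and executable from the log."""
    path = re.search(r'SET "Path=([^"]*)" \(set value\)', text)
    cwd = re.search(r'^working_directory:\s*(.+)$', text, re.M)
    exe = re.search(r'^executable:\s*(.+)$', text, re.M)
    return {
        "path": [p for p in path.group(1).split(";") if p] if path else [],
        "cwd": cwd.group(1).strip() if cwd else None,
        "exe": exe.group(1).strip() if exe else None,
    }


def candidates(info):
    """Locations to try, under the simplified search model (assumption)."""
    exe = info["exe"]
    if not ntpath.splitext(exe)[1]:
        exe += ".exe"            # bare name: assume .exe is appended
    if ntpath.isabs(exe):
        return [exe]             # a full path is used as-is, no search
    dirs = ([info["cwd"]] if info["cwd"] else []) + info["path"]
    return [ntpath.join(d, exe) for d in dirs]


def resolve(info, exists=fake_exists):
    """Return the first candidate that exists, or None if the search fails."""
    return next((c for c in candidates(info) if exists(c)), None)
```

On a real host, pass `os.path.isfile` as `exists` and feed `parse_log` the captured `-l:debug` output.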