PSExec的使用

(1)，PsTools工具介紹
PsExec - execute processes remotely
PsFile - shows files opened remotely
PsGetSid - display the SID of a computer or a user
PsInfo - list information about a system
PsPing - measure network performance
PsKill - kill processes by name or process ID
PsList - list detailed information about processes
PsLoggedOn - see who's logged on locally and via resource sharing (full source is included)
PsLogList - dump event log records
PsPasswd - changes account passwords
PsService - view and control services
PsShutdown - shuts down and optionally reboots a computer
PsSuspend - suspends processes
PsUptime - shows you how long a system has been running since its last reboot (PsUptime's functionality has been incorporated into PsInfo）
PsTools下載地址

(2)，提示訪問被拒絕
1,net share命令查看admin$共享開啟。
2，查看防火牆，確認445端口開放。
3，注冊表添加：LocalAccountTokenFilterPolicy
▶導航到HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System。
▶添加一個名為LocalAccountTokenFilterPolicy的新DWORD值。
▶將其值設置為1。

例：
psexec \\192.168.8.13 -u w2012r2\administrator -p Passw0rd -i -s -d cmd /c start http://www.baidu.com
psexec \\192.168.8.13 -u w2012r2\administrator -p Passw0rd -s -f -d -c "C:\test.bat"
psexec \\192.168.8.13 -u administrator -p Passw0rd -s -f -d -c "C:\test.bat"
psexec \\192.168.8.13 -u w2012r2\testuser -p Passw0rd -s -f -d -c "C:\test.bat"

OR:

cmdkey.exe /add:MACHINE_NAME /user:MACHINE_NAME\Administrator /pass:PASSWORD
psexec.exe \\MACHINE_NAME -i notepad
cmdkey.exe /delete:MACHINE_NAME

psexec下載地址