1

我们正在尝试从 Linux(CentOS 7)远程执行 windows 命令到 Windows 10。我在 CentOS 7 中设置了 Winexe。我认为设置似乎很好

[user@abcd build]$ ./winexe-static -v
winexe version 1.1
This program may be freely redistributed under the terms of the GNU GPLv3
Usage: winexe-static [OPTION]... //HOST COMMAND
Options:
-h, --help                                  Display help message
-V, --version                               Display version number
-U, --user=[DOMAIN/]USERNAME[%PASSWORD]     Set the network username
-A, --authentication-file=FILE              Get the credentials from a file
-N, --no-pass                               Do not ask for a password
-k, --kerberos=STRING                       Use Kerberos, -k [yes|no]
-d, --debuglevel=DEBUGLEVEL                 Set debug level
--uninstall                                 Uninstall winexe service after
                                          remote execution
--reinstall                                 Reinstall winexe service before
                                          remote execution
--system                                    Use SYSTEM account
--profile                                   Load user profile
--convert                                   Try to convert characters
                                          between local and remote
                                          code-pages
--runas=[DOMAIN\]USERNAME%PASSWORD          Run as the given user (BEWARE:
                                          this password is sent in
                                          cleartext over the network!)
--runas-file=FILE                           Run as user options defined in a
                                          file
--interactive=0|1                           Desktop interaction: 0 -
                                          disallow, 1 - allow. If allow,
                                          also use the --system switch
                                          (Windows requirement). Vista
                                          does not support this option.
--ostype=0|1|2                              OS type: 0 - 32-bit, 1 - 64-bit,
                                          2 - winexe will decide.
                                          Determines which version (32-bit
                                          or 64-bit) of service will be
                                          installed.

但是它没有连接到 Windows 10 机器。以下是我们用来测试的命令。我们也尝试了 Sudo 用户。显示错误:无法打开连接 - NT_STATUS_CONNECTION_RESET 错误

[user@abcd build]$ ./winexe-static -U Domain123/CI.Admin%JeesOver*819 //Windows10 “ipconfig”
ERROR: Failed to open connection - NT_STATUS_CONNECTION_RESET

[user@abcd build]$ sudo ./winexe-static -U 'Domain123/CI.Admin%JeesOver*819' //Windows10  “ipconfig”
[sudo] password for user:
ERROR: Failed to open connection - NT_STATUS_CONNECTION_RESET
4

1 回答 1

2

您的 winexe 可能正在使用 SMB1 方言进行连接,这在现代 Windows 版本中已被弃用。

仅出于调试目的,暂时在 Windows 中启用 SMB1(提示:OptionalFeatures.exe)并重试。它应该可以工作,除非您还需要将“LocalAccountTokenFilterPolicy”添加到注册表中。

不要忘记再次禁用 SMB1。

有一个支持 SMB2 的 winexec 二进制文件可在 Centos 7 中针对 Windows 10 运行:http ://dl-openaudit.opmantek.com/winexe-static

对我有用的源代码:https ://bitbucket.org/reevertcode/reevert-winexe-waf

除了 README 文件,您还应该阅读“BUILD”文件,它包含附加信息(要应用的补丁)。

祝你好运!

于 2019-01-20T05:30:03.257 回答