Friday, March 19, 2010

Running windows cmd from linux

To run windows cmd from linux box, there is one tool you could use, which is winexe. You can download the installer from here. There are 2 ways to install this tool:


1. Use the preinstalled version.
  • Download from here
  • Unpack the bz2 file: # bunzip2 winexe-static-081123.bz2
  • Change mod to allow execute: # chmod +x winexe-static-081123
  • Make soft link in your /usr/local/bin: # ln -s winexe-static-081123 /usr/local/bin/winexe

2. Compile from source
  • Install necessary packages (gcc, svn, *-devel....)
  • Get sources from here
  • Unpack the source file: # tar -xvjf winexe-source-081123.tar.bz2
  • Compile according to README file:
    • cd to unpacked tar.bz2 sources
    • ./autogen.sh
    • ./configure
    • make proto bin/winexe
  • Compiled file will be located in wmi/Samba/source/bin/winexe
  • Install winexe:
    install -s wmi/Samba/source/bin/winexe /usr/local/bin/winexe

To use it is very simple:

# winexe -U foo -W WORKGROUP -n FOO-PC //10.0.0.61 "cmd.exe"

where -U for username, -W for workgroup, -n for target machine netbios name, 10.0.0.61 is the ip address of the target machine and cmd.exe is to start windows command prompt.
Once connected, you will get command prompt like below:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS\system32>

To quit, just type exit at the windows command prompt.

That's all :)


20 comments:

<~!@#> said...

thanks, aku dah lupe ape name alternative software ntuk psexec ni...

Luis Garcia said...

Hi. are you know a new version for winexe? I use Archlinux and now winexe is broken for update on libc6 . i tried compile and nothing

David said...

Thanks for the write-up. Works like a charm :)

01100100011011010110000101110100 said...

When I compiled the source, I had to change the last command to

sudo install -s bin/winexe /usr/local/bin/winexe

Thought it would be nice to mention it on the off chance it might be useful to someone in the near to medium-distant future.

Thanks for the guide!

Alessio Bandini said...

Hi all,

When I give the command:

winexe --interactive 0 --user ditron%ditron // 'cmd /C dir c:\'

I receive the message:
ERROR: Cannot open control pipe - NT_STATUS_ACCESS_DENIED

The source machine is a Centos5 pc.
The target machine is a Windows XP Home SP3 pc.

When I give the command to another pc, with Windows XP Professional all it's ok.

Thanks in advance.

blackorga said...

Hi Alessio,

Try checking the windows machine's firewall. Sometimes firewall is blocking the way :)

Alessio Bandini said...

I've tried to deactivate the Firewall, but with no success.
In linuxforum people told me that the problem it's windows xp home that does not allow remote assistance.

I have to change OS.

blackorga said...

Hi Alessio,

Yup, maybe it was because of windows version. Microsoft did locked some of the features in their home edition operating systems :)

Anonymous said...

Thanks for the article!

Anonymous said...

[winexe/winexe.c:120:on_ctrl_pipe_error()] ERROR: Failed to install service winexesvc - NT_STATUS_ACCESS_DENIED

Unknown said...

I am using winexe from ubuntu 12.04
and using command to connect to remote windows 7 having admin$ share enabled.

my command is : -

winexe -U Pranav -W WORKGROUP -n Pranav-PC//192.168.0.103 "cmd.exe"

and its showing me usage info of winexe command as :-

winexe version 1.00
This program may be freely redistributed under the terms of the GNU GPLv3
Usage: winexe [-?] [-?] [-?] [-?NP] [-?NPV] [-?|--help] [--usage] [-d|--debuglevel DEBUGLEVEL]
[--debug-stderr] [-s|--configfile CONFIGFILE] [--option=name=value]
[-l|--log-basename LOGFILEBASE] [--leak-report] [--leak-report-full]
[-R|--name-resolve NAME-RESOLVE-ORDER]
[-O|--socket-options SOCKETOPTIONS] [-n|--netbiosname NETBIOSNAME]
[-S|--signing on|off|required] [-W|--workgroup WORKGROUP]
[--realm=REALM] [-i|--scope SCOPE] [-m|--maxprotocol MAXPROTOCOL]
[-U|--user [DOMAIN/]USERNAME[%PASSWORD]] [-N|--no-pass]
[--password=STRING] [-A|--authentication-file FILE] [-P|--machine-pass]
[--simple-bind-dn=STRING] [-k|--kerberos STRING] [-V|--version]
[--uninstall] [--reinstall] [--system]
[--runas=[DOMAIN\]USERNAME%PASSWORD] [--runas-file=FILE]
[--interactive=0|1] [--ostype=0|1|2] //host command


what should I use as command to get winexe working. That means I should get access to remote windows prompt.

Anonymous said...

Try:
winexe -U Pranav -W WORKGROUP -n Pranav-PC //192.168.0.103 "cmd.exe"

blackorga said...

Hi Gustavo,

What linux distro are u using? For commonly used distro:

redhat/centos/fedora: yum install
debian/ubuntu: apt-get install

Unknown said...

how do you concatenate the output to a log file i tried the -l option with no luck

Unknown said...

how do i output to a log file i tried the -l option with no luck

Unknown said...

Hello, I still find installation instruction for all linux system but... in windows what I need to install (I mean the "telnet" server side application)
thanks

Unknown said...

Hello,
I still found installation instruction for linux and OSx client, but... in windows where I find the "telnet server" winexe installation files?
I mean, there's something to install on windows system that listen to the client requests.
Thank for any reply and for sharing this interesting solution.

Unknown said...

Link to my previuous post: in original post there's a link that seems the reply to my question, but... I have a blank page: http://eol.ovh.org/winexe/ (so I don't know it this is the exe server part to install on windows systems)

gecon27 said...

See http://www.aldeid.com/wiki/Winexe.

It worked for me :)

Ioannis

gecon27 said...

See http://www.aldeid.com/wiki/Winexe.

It worked for me :)

Ioannis