On numerous occasions, system administrators have found themselves in the need to execute a program, script, or command remotely.
Until now, many of these tasks were being performed using remote control applications such as TeamViewer, VNC, ISL, etc. But what happens when you need to perform these tasks on different machines simultaneously or when you want to launch the task without the user knowing?
Thinking about this need, Microsoft released a set of tools developed by Mark Russinovich, called PsTools. Essentially, they are a collection of applications designed to manage computers remotely through the command prompt (CMD).
What are the PsTools?
PSTools is a set of tools designed for the Microsoft Windows world that allows the execution of various tasks through the command line. The tools that make up the solution are:
PsExec: run processes remotely
PsFile: display remotely opened files
PsGetSid: show the SID of a computer or user
PsInfo: list information about a system
PsPing: measure network performance
PsKill: terminate processes by process ID or name
PsList: list detailed information about processes
PsLoggedOn: query who has logged on locally and through resource sharing
PsLogList: dump event logs PsPasswd: change account passwords
PsService: view and control services
PsShutdown: shut down and optionally restart a computer
PsSuspend: suspend processes
PsUptime: display how long a system has been running since its last restart
What makes the use of PsTools very interesting is that there is no need for client software installation on remote machines. It allows us to connect immediately and, of course, remotely, without the need for physical presence.
Installation
The installation of the suite wouldn’t even need mentioning, as it only requires downloading it from the official repository:
https://learn.microsoft.com/es-es/sysinternals/downloads/pstools
Extract the content on our computer, and it’s ready to go.
How to execute
As mentioned earlier, the tools are executed through the command line, and each tool has different execution options. There’s no need to worry because running the tool followed by the ‘/?’ option will display information like any other command. Additionally, documentation is available on the website.
For this example, we will take the tool ‘psexec.’ This application allows the remote execution of applications, such as having a remote cmd:
C:\Pstools>PsExec.exe \\device -u domain\user -s cmd
In the previous case, the ‘-u’ option was used to define a domain user, but this is optional. Another example could be retrieving a list of remote network interfaces using:
C:\Pstools>PsExec.exe \\device ipconfig /allThe functionalities and conveniences that PsTools offers are extensive. For me, it’s a fundamental tool in my work that saves a lot of time in certain tasks.