Using winexe to run "wmic" commands on a Windows machine


Solution 1

Use the WMI-Client here: http://www.orvant.com/packages/ and run the WMIC commands directly from Linux, although you will have to use the WQL equivalents of your commands, as this version does not support the non-WQL queries.
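
The two commands from the question expressed as WQL for the Linux WMI client, as an added example that is not part of the original answer. It assumes the client is installed as "wmic", accepts a Samba-style -A auth file, and prints a "CLASS:" line followed by "|"-separated rows; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical function names). Assumes the Linux client is
# installed as "wmic", takes a Samba-style -A auth file, and prints a
# "CLASS:" line, a header row, then "|"-separated data rows.

# Translate "<alias> get <property>" into WQL; only this page's aliases.
wql_for() {
    alias_name=$1; prop=$2
    case $alias_name in
        bios)           class=Win32_BIOS ;;
        computersystem) class=Win32_ComputerSystem ;;
        *) echo "unmapped alias: $alias_name" >&2; return 1 ;;
    esac
    # Accept identifier characters only, so nothing else reaches the query.
    case $prop in
        ''|*[!A-Za-z0-9_]*) echo "bad property: $prop" >&2; return 1 ;;
    esac
    printf 'SELECT %s FROM %s\n' "$prop" "$class"
}

# Print one column of client output (stdin), located by header name so the
# result does not depend on column order.
wmi_column() {
    awk -F'|' -v want="$1" '
        /^CLASS:/ { seen_header = 0; col = 0; next }
        NF == 0   { next }
        !seen_header {
            for (i = 1; i <= NF; i++) { if (tolower($i) == tolower(want)) col = i }
            seen_header = 1; next
        }
        col { print $col }
    '
}

# Query a host. The auth file keeps the password out of the process list,
# and timeout stops a stalled call from blocking the script forever.
wmi_get() {
    host=$1; authfile=${4:-authfile}
    query=$(wql_for "$2" "$3") || return 1
    timeout 30 wmic -A "$authfile" "//$host" "$query" | wmi_column "$3"
}

# Constructed sample of client output, not captured from a real host.
SAMPLE='CLASS: Win32_ComputerSystem
Model|Name
VirtualBox|WIN7VM'
printf '%s\n' "$SAMPLE" | wmi_column model
```

Against a real machine the call would be: wmi_get syspc4.domain.com bios serialnumber authfile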

Solution 2

The latest winexe code (from the "current" git repository, a.k.a. "winexe-waf"; date November 2013) doesn't hang when I test it. I build winexe on Debian Wheezy with Samba 4.0.10 packages from Unstable and run winexe -U "<user>%<pwd>" //192.168.1.2 'wmic bios get serialnumber' where 192.168.1.2 is the IP address of a VirtualBox virtual machine running Windows 7 Professional SP1. Output is as follows.

$ winexe -U "<user>%<pwd>" //192.168.1.2 'wmic bios get serialnumber'
SerialNumber
0

$ winexe -U "<user>%<pwd>" //192.168.1.2 'wmic computersystem get model'
Model
VirtualBox
Author: CptSupermrkt

Updated on September 18, 2022

Comments

  • CptSupermrkt
    CptSupermrkt almost 2 years

    We use winexe to execute commands on our Windows machines from Linux. For example:

    winexe -A authfile //syspc4.domain.com "ipconfig /all"
    

    Expectedly the above prints out the same thing as if you had run cmd.exe on a Windows machine and typed in "ipconfig /all"

    My ultimate goal is to remotely (from Linux) get the Windows machines' serial number and model name. This is very easily achievable with the following two commands in cmd.exe locally on the Windows (Windows XP) machine:

    wmic bios get serialnumber
    wmic computersystem get model
    

    However, any attempts to execute this via winexe simply do not work --- after hitting enter, nothing happens. No error, nothing. It will just appear to be frozen until I ctrl+c out of it.

    Here are the commands that I've tried:

    winexe -A authfile //syspc4.domain.com "wmic bios get serialnumber"
    winexe -A authfile //syspc4.domain.com "cmd wmic bios get serialnumber"
    winexe -A authfile //syspc4.domain.com "cmd /c wmic bios get serialnumber"
    winexe -A authfile //syspc4.domain.com "cmd"
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    
    C:\WINDOWS\system32>wmic bios get serialnumber
    

    In all cases, no response. A quick look at winexe --help reveals a log option, but even with that set, there is no output log of any kind.

    I found the following post on another forum, in which the person is asking almost the exact same thing as me, and naturally he just never got an answer: http://www.linuxquestions.org/questions/linux-software-2/winexe-780343/

    EDIT: With debug turned on, this is where it hangs:

    winexe -d 6 -A authfile //syspc4.domain.com "wmic bios get serialnumber"
    
    ...
    IN: async_open(\pipe\ahexec, 2)
    IN: async_open_recv
    CTRL: Sending command: get version
    CTRL: Sending command: run wmic bios get serialnumber
    CTRL: Recieved command: std_io_err 15C40030
    IN: async_open(\pipe\ahexec_stdin15C40030, 2)
    IN: async_open(\pipe\ahexec_stdout15C40030, 2)
    IN: async_open(\pipe\ahexec_stderr15C40030, 2)
    IN: async_open_recv
    IN: async_open_recv
    IN: async_open_recv
    
    **hangs forever here**
    
    Then ctrl+c:
    
    ^CAborting...
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: on_ctrl_pipe_error - NT_STATUS_PIPE_DISCONNECTED
    

    However the curious thing is that even with a command that doesn't fail (like ipconfig /all), it gives the exact same thing:

    ...
    IN: async_open(\pipe\ahexec, 2)
    IN: async_open_recv
    CTRL: Sending command: get version
    CTRL: Sending command: run ipconfig /all
    CTRL: Recieved command: std_io_err 15C40031
    IN: async_open(\pipe\ahexec_stdin15C40031, 2)
    IN: async_open(\pipe\ahexec_stdout15C40031, 2)
    IN: async_open(\pipe\ahexec_stderr15C40031, 2)
    IN: async_open_recv
    IN: async_open_recv
    IN: async_open_recv
    
    Windows IP Configuration
    ...
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: smb_raw_read_recv - NT_STATUS_PIPE_DISCONNECTED
    ERROR: on_ctrl_pipe_error - NT_STATUS_PIPE_DISCONNECTED
    
    • senorsmile
      senorsmile over 10 years
      Did you ever figure this out?
    • CptSupermrkt
      CptSupermrkt over 10 years
      No, unfortunately I never did. The answer below for WMI-Client looks promising. Unfortunately we needed the solution around the time of posting, and ultimately just ended up doing the work by hand.
    • senorsmile
      senorsmile over 10 years
      I compiled the new winexe from git yesterday (it says version 1.1) and get the exact same errors and issue with it waiting with it requiring to press enter to continue the script.
    • senorsmile
      senorsmile over 10 years
      This seems to be a recently reopened bug that the devs are at least aware of: sourceforge.net/p/winexe/bugs/31/?page=1.
  • CptSupermrkt
    CptSupermrkt almost 11 years
    Ahhhh, it looks for a number! LOL. I tried words like "high". I'll give that a shot!
  • slm
    slm almost 11 years
    @CptSupermrkt - yes isn't it nice when they provide you with a program and a usage page but no man page that spells the actual details of how to "really" use it.
  • slm
    slm almost 11 years
    @CptSupermrkt - The RPM that provides that package doesn't include a cent of documentation either. Nice 8-(.
  • slm
    slm almost 11 years
    @CptSupermrkt - I have to ask, what's Captain Supermarket?
  • CptSupermrkt
    CptSupermrkt almost 11 years
    I updated my question with the output of debug. Captain Supermarket is the Japanese title of the movie "Army of Darkness" :)
  • slm
    slm almost 11 years
    @CptSupermrkt - WTF? Are you serious? Thanks I'm crying from laughter.
  • CptSupermrkt
    CptSupermrkt almost 11 years
    Hah...you're right! LOL. That's funny. If it comes down to that being my one and only clue, I might just let this slide and abandon this part of the project as it's not vital for what I'm doing, just a "would be nice" kinda thing.
  • slm
    slm almost 11 years
    @CptSupermrkt - I think that difference is a red herring but something to go on.
  • slm
    slm almost 11 years
    @CptSupermrkt - googling it didn't shed any light.
  • CptSupermrkt
    CptSupermrkt almost 11 years
    Same. Thanks for your help though.
  • slm
    slm almost 11 years
    @CptSupermrkt - the other direction I'd be inclined to go here with is to look for winexe wmi hang in google. There are some leads. I have to head home, will pick up when I get there.
  • slm
    slm almost 11 years
    @CptSupermrkt - is it possible that the wmi command is sitting at a prompt on the windows side? Check out this technique for using cat ... | winexe .. to send bunch of commands to a PC: opensourceinfo.blogspot.com/2010/01/winexe.html
  • CptSupermrkt
    CptSupermrkt almost 11 years
    No go. Thanks though, seriously, don't go too far out of your way on this :)
  • CptSupermrkt
    CptSupermrkt over 10 years
    My use for this has long passed, but it looks promising. I'll mark it as the answer. If some poor soul years from now finds this via Google and it doesn't work, please leave a comment about your experience/whether it really worked or not.
  • senorsmile
    senorsmile over 10 years
    I am trying out wmi-client (if I can ever get it to compile on Arch Linux). I'll post back my results.