Best source for Debian derivatives: https://software.opensuse.org/package/winexe
Best source for RH derivatives: https://pkgs.org/search/?q=winexe
In your debian, or ubuntu based distro add the following repository to /etc/apt/sources.list :
deb http://repo.openpcf.org/repository/ext/openpcf/ubuntu/ precise main
Then add the repo's public key and update/install: (As of this writing, it is version 1.00 and they are developing v1.1)
wget http://repo.openpcf.org/repository/ext/openpcf/openpcf.org-repo-public-key-C6E91526.asc
sudo apt-key add ./openpcf.org-repo-public-key-C6E91526.asc
sudo apt-get update
sudo apt-get install winexe
As with the windows utility psexec.exe, the target must be configured appropriately. Specifically read the following if necessary:
1) http://forum.sysinternals.com/psexec-could-not-start_topic3698_post11962.html#11962
2) http://jamesrayanderson.blogspot.com/2010/04/psexec-and-ports.html
Lets test it by listing processes on the target:
winexe -U USERNAME //HOSTNAMEorIP "tasklist"
The utility should ask for the password and display results:
Password for [WORKGROUP\USERNAME]:
Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 28 K
System 4 Console 0 72 K
smss.exe 712 Console 0 268 K
csrss.exe 800 Console 0 1,488 K
winlogon.exe 824 Console 0 4,892 K
services.exe 868 Console 0 2,228 K
lsass.exe 880 Console 0 1,876 K
vmacthlp.exe 1084 Console 0 152 K
svchost.exe 1100 Console 0 2,328 K
PresentationFontCache.exe 1168 Console 0 1,024 K
svchost.exe 1196 Console 0 1,676 K
svchost.exe 1320 Console 0 32,768 K
svchost.exe 1412 Console 0 2,576 K
svchost.exe 1436 Console 0 368 K
svchost.exe 1508 Console 0 1,440 K
svchost.exe 1568 Console 0 1,368 K
svchost.exe 1912 Console 0 272 K
alg.exe 1956 Console 0 280 K
svchost.exe 584 Console 0 384 K
ramaint.exe 1296 Console 0 424 K
SntpClient.exe 2796 Console 0 1,416 K
dllhost.exe 2892 Console 0 360 K
vmtoolsd.exe 3260 Console 0 2,708 K
vmware-usbarbitrator.exe 3368 Console 0 388 K
vssvc.exe 3436 Console 0 188 K
SDUpdSvc.exe 3488 Console 0 800 K
dllhost.exe 2472 Console 0 1,040 K
logon.scr 4080 Console 0 252 K
csrss.exe 4024 1 2,340 K
winlogon.exe 404 1 5,684 K
[etc]
When running programs that take parameters, remember to use quotes.
Lets test this by running a ping-to-self on the target. Execute the utility including quotation marks:
winexe -U USERNAME //HOSTNAMEorIP "ping -n 1 127.0.0.1"
The above produces:
Password for [WORKGROUP\USERNAME]:
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms ttl=128
Ping statistics for 127.0.0.1:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
For domain accounts, i've found that you need to escape your domain username in this fashion: (notice the double-slashed username )
winexe -U DOMAIN\\username //HOSTNAMEorIP "commandline"
Be warned though, as also true with psexec, your password may be passed as plain text over the network.
~~~
As always, Good Luck!
Please consider crypto tipping: