±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 6 Overall: 36583
New Yesterday: 6 Visitors: 177

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Need a way to remotely install an app on Windows?

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts


Need a way to remotely install an app on Windows?

Post Posted: Sep 16, 17 19:31

Here is yet another method to use PsExec to remotely transfer and run an app. It runs through a subnet, tests the connection before attempting to push, and dumps the results into a report. This time it is with PowerShell. I use this method a lot in enterprise networks when deploying the EnCase servlet. Any suggestions on improving the PowerShell script? The code is included in the video and description.

Here is the link: youtu.be/NhZPixwlVFQ
[video width=250 height=200]https://youtu.be/NhZPixwlVFQ[/video]


# Written by Jeremy Martin, Information Warfare Center
# More tips and episodes of Cyber Secrets at
# YouTube.com/IWCCyberSec
# InformationWarfareCEnter.com
# IntelligentHacking.com

[email protected]()
$Subnet = Read-Host -Prompt "Please Enter the Subnet the you want to search in (Example: 192.168.0)"
$IPStart = Read-Host -Prompt "Please Enter the First IP in that range (Example:1)"
$IPEnd = Read-Host -Prompt "Please Enter the Last IP in that range (Example:255)"
$User = Read-Host -Prompt "Please Enter the Admin User"
$Pass = Read-Host -Prompt "Please Enter the Admin Pass"
$Domain = Read-Host -Prompt "Please Enter the Domain (NA for None)"
$ScriptPath = Read-Host -Prompt "Please Enter the destination path (Example: c:\)"
$Prog = Read-Host -Prompt "Please Enter the program to push"
echo "Starting the push now..."
if (Test-Path $Subnet-"results.csv")
$results += Import-Csv -Path $Subnet-"results.csv"
$IPStart..$IPEnd | %{
$IP = "$Subnet.$_"
If (Test-Connection -count 1 -comp $IP -quiet) {
$HostName = [System.Net.Dns]::GetHostByAddress($IP).HostName
$HostName = $HostName.trimend(".domain")
if ($Domain -eq "NA"){
$cmdkeyParams = @('/add:$HostName /user:$Domain\$User /pass:$Pass')
Start-Process -FilePath cmdkey.exe -ArgumentList "$cmdkeyParams" -wait
echo "$IP - $HostName"
$props = @{
HostName = $HostName
IPAddress = $ip
Path = $ScriptPath
Program = $Prog
$Target = "\\$HostName"
$PUser = "-u $Domain\$User"
$PPass = "-p $Pass"
$Args = @('-i -f -c', $Prog)
$Exec = "./PsExec.exe"
$Params = "$Target $PUser $PPass $Args"
echo "$Exec $Params"
$process = Start-Process -FilePath "$Exec" -ArgumentList "$Params" -PassThru
Wait-Process -InputObject $process
if ($process.ExitCode -eq 0) {
$results+= "$Prog was pushed to $IP - $HostName using PsExec."
echo "$Prog was pushed to $IP - $HostName"
New-Object -TypeName psobject -Property $props
} elseif ($process.ExitCode -eq 2){
$results+= "$Prog was pushed to $IP - $HostName"
echo "$Prog was pushed to $IP - $HostName"
} else {
$results+= "$Prog FAILED to push to $IP - $HostName"
echo "$Prog FAILED to push to $IP - $HostName"

$cmdkeydParams = @('/delete:$HostName')

} else {
Write-Host "the $IP is not reachable"

$results >> $Subnet-"results.csv"
Invoke-Item $Subnet-"results.csv" -force
Penetration Tester & Computer Forensics Analyst

Creator of Cyber Secrets & Just the Tip: YouTube.com/IWCCyberSec 

Page 1 of 1