PSEXEC on Windows 7: Access is denied

PSEXEC is a sysinternals tool that can be very useful for system administrators to inject commands into a remote machine, needless to say, this opens an interesting possibility for the hacking enthusiasts out there hehe

To run the command line on a target XP machine on which you have the user and password for the Administrator account, this would be the code:

psexec \\TargetMachine-u Administrator -p Password CMD

Voila, i'm in as simple as 123, now i can send any kind of commands, start, stop services etc.


PSEXEC on Windows 7: Access is denied.

PSEXEC in Windows 7 requires elevation, so before running the command, make sure you are running CMD as Administrator and then enter this command to run CMD on the TargetMachine:

psexec -h -s \\TargetMachine -u Administrator -p Password CMD


Domain users can run CMD as Administrator by pressing SHIFT + RIGHT mouse button (RMB) over CMD so you can "Run  as a different user":

Authenticate:

And now run the command:

psexec -h -s \\TargetMachine -u Administrator -p Password CMD

This will run the remote command on the SYSTEM account. Note that admin$ must be available.


Congrats, you just learned an interesting thing today.