PSTOOLS tool usage

xiaoxiao2021-03-06  20

This article is based on PsTools version 1.6. PsTools is a powerful NT/2K remote management kit from Sysinternals. Its home page is http://www.sysinternals.com/ and the download address is http://www.sysinternals.com/files/pstools.zip

(1) PsExec

PsExec is a remote execution tool; you can use it like Telnet. Its usage format is:

    psexec \\remote-machine-IP [-u username [-p password]] [-c [-f]] [-i] [-d] program [arguments]

Its parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither -u nor -p is needed once an IPC connection has been established. (If -p is omitted, you are prompted for the password after entering the command.)
    -c <[path]file name>: copy the file to the remote machine and run it. (Note: the file is deleted automatically when it finishes running.)
    -d: do not wait for the program to return. (For example, if you have the remote machine run a TFTP server, the psexec command would otherwise keep waiting for the TFTP program to return.)
    -i: runs a PSEXESVC process on the remote machine. (Exactly what it is for is unclear.)

Suppose I have an account on the remote machine with account name ABC and password 123. To execute commands on the remote system as you would with Telnet:

    psexec \\remote-machine-IP -u ABC -p 123 cmd

To have the remote machine run the local file C:\srm.exe:

    psexec \\remote-machine-IP -u ABC -p 123 -c C:\srm.exe

To have the remote machine run a local TFTP server (suppose the TFTP server is at C:\TFTP32.exe on the local machine):

    psexec \\remote-machine-IP -u ABC -p 123 -c C:\TFTP32.exe -d

(The examples that follow no longer repeat the -u and -p usage.)

(2) PsService

PsService is a service manager. Its usage format is:

    psservice [\\remote-machine-IP [-u username] [-p password]]

Its only parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither parameter is needed once an IPC connection has been established.
    (If -p is omitted, you are prompted for the password after entering the command.)

Its commands are:

    query [service name]: displays the status of a service; if the service name is omitted, the status of all services is displayed.
    config <service name>: displays the configuration of a service.
    start <service name>: starts a service.
    stop <service name>: stops a service.
    restart <service name>: stops a service and starts it again.
    pause <service name>: pauses a service.
    cont <service name>: resumes a paused service.
    depend <service name>: displays the dependencies of a service.
    find <service name>: searches the network for the specified service.

For example, to view the status of the Telnet service on the remote machine (tlntsvr is the Telnet service name):

    psservice \\remote-machine-IP query tlntsvr

To view the configuration of the Telnet service on the remote machine:

    psservice \\remote-machine-IP config tlntsvr

To start the Telnet service on the remote machine:

    psservice \\remote-machine-IP start tlntsvr

The other commands are used in the same way.

(3) PsSuspend

PsSuspend is a tool that temporarily suspends a process. Its usage format is:

    pssuspend [-r] [\\remote-machine-IP [-u username] [-p password]]

It has three parameters:

    -u: followed by the user name.
    -p: followed by the password. Neither -u nor -p is needed once an IPC connection has been established. (If -p is omitted, you are prompted for the password after entering the command.)
    -r: resume the process.

For example, to temporarily suspend the process with PID 999, whose name is srm.exe:

    pssuspend \\remote-machine-IP 999

or

    pssuspend \\remote-machine-IP srm

To resume it:

    pssuspend -r \\remote-machine-IP 999

or

    pssuspend -r \\remote-machine-IP srm

(4) PsInfo

PsInfo is a tool for collecting a machine's software and hardware information; it reports operating system information, hardware information, and software information. Its usage format is:

    psinfo [-h] [-s] [-d] [-c] [\\remote-machine-IP [-u username [-p password]]]

Its parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither -u nor -p is needed once an IPC connection has been established. (If -p is omitted, you are prompted for the password after entering the command.)
    -h: displays which patches are installed.
    -s: displays which software is installed.
    -d: displays disk information.
For example, to see just the hardware and software information of the remote machine:

    psinfo \\remote-machine-IP

To see which patches are installed:

    psinfo -h \\remote-machine-IP

To also see the disk information:

    psinfo -d \\remote-machine-IP

To see which software is installed:

    psinfo -s \\remote-machine-IP

It is that simple.

(5) PsList

PsList is a program for viewing processes. Its usage format is:

    pslist [-d] [-m] [-x] [-t] [-s [n]] [-r n] [\\remote-machine-IP [-u username] [-p password]] [name | PID]

Its parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither -u nor -p is needed once an IPC connection has been established. (If -p is omitted, you are prompted for the password after entering the command.)
    -s: view the processes in real time in task-manager mode; press ESC to exit.
    -r: used together with -s to specify the refresh interval of task-manager mode. (The default refresh interval is 1 second.)
    -d: displays the CPU usage information of each process.
    -m: displays the memory usage information of each process.
    -x: displays all information about the processes in great detail.
    -t: displays the processes as a tree.

For example, to view the CPU usage information of the processes on the remote machine:

    pslist -d \\remote-machine-IP

To view the memory usage information of the process with PID 999, named srm.exe:

    pslist -m \\remote-machine-IP 999

or

    pslist -m \\remote-machine-IP srm

To watch the processes on 61.12.23.4 in real time in task-manager mode with a refresh interval of 3 seconds:

    pslist -s -r 3 \\61.12.23.4

(6) PsUptime

PsUptime is a command that shows how long the remote machine has been running. To use it, just type:

    psuptime \\remote-machine-IP

(7) PsShutdown

PsShutdown is a remote shutdown command. Its usage format is:

    psshutdown [[-s | -r | -k [-t nn] [-m "message"] [-f]] | -a | -l | -o] [\\remote-machine-IP]

Its parameters are:

    -a: cancels a previously issued shutdown instruction.
    -t: the number of seconds to wait before acting. (The default is 20 seconds.)
    -s: shuts the machine down.
    -m: the message to display.
    -f: shuts down without saving what is running.
    -r: restarts the machine.
    -l: locks the computer.
    -o: logs the user off.

For example, to have the remote machine shut down after 30 seconds and display a message asking the user to save their files:

    psshutdown -t 30 -s -m "To shut down, save the file" \\remote-machine-IP

To restart it instead:

    psshutdown -t 30 -m "To shut down, save the file" -r \\remote-machine-IP

To cancel the instruction you have just issued:

    psshutdown -a \\remote-machine-IP

The other parameters are used in the same way.

(8) PsFile

PsFile is a command that displays the sessions on a machine and which files have been opened by users over the network. Its usage format is:

    psfile [\\remote-machine-IP [-u username [-p password]]] [[ID | path] [-c]]

Its parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither parameter is needed once an IPC connection has been established.
    (If -p is omitted, you are prompted for the password after entering the command.)
    -c: closes the session or file.

For example, to see the sessions on the remote machine and the files opened by remote users:

    psfile \\remote-machine-IP

The output looks like this:

    [33] C:\WINNT
        User:   Administrator
        Locks:  0
        Access: Read
    [63] \PIPE\srvsvc
        User:   Administrator
        Locks:  0
        Access: Read Write

Next, to close the session with ID 33, whose path is C:\WINNT:

    psfile \\remote-machine-IP 33 -c

or

    psfile \\remote-machine-IP C:\WINNT -c

(9) PsLoggedOn

PsLoggedOn is a command that displays who is currently logged on to a machine. Its only parameters are:

    -l: display only locally logged-on users, not users logged on over the network.
    -x: do not display the logon time.

For example, to see which users are currently logged on to the remote machine:

    psloggedon \\remote-machine-IP

(10) PsGetSid

PsGetSid is a tool for remotely obtaining the SID information of an account. Its usage format is:

    psgetsid [\\remote-machine-IP [-u username [-p password]]] [account]

Its parameters are:

    -u: followed by the user name.
    -p: followed by the password. Neither -u nor -p is needed once an IPC connection has been established. (If -p is omitted, you are prompted for the password after entering the command.)

For example, to see the SID information of the account named ABC on the remote machine:

    psgetsid \\remote-machine-IP ABC

(11) PsKill

PsKill is a program for killing processes.
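
The -u/-p form used throughout this article places the password on the command line, so any process-creation log that captures command lines will contain it. The following Python code is an added example, not part of the original article or of Sysinternals' tools: it audits logged PsTools command lines for an inline password and for psexec -c file copies, and returns a redacted copy. The audit() helper, the sample lines and the 192.0.2.10 address are constructed for illustration, and only the options the article lists are recognised.

```python
import shlex

# Tools from the article that take \\host [-u user [-p password]].
PSTOOLS = {"psexec", "psservice", "pssuspend", "psinfo", "pslist", "psuptime",
           "psshutdown", "psfile", "psloggedon", "psgetsid", "pskill"}

def audit(cmdline):
    """Summarise one PsTools command line; return None for anything else."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keeps Windows backslashes
    except ValueError:                              # unbalanced quote in the log
        tokens = cmdline.split()
    if not tokens:
        return None
    exe = tokens[0].strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()
    tool = exe[:-4] if exe.endswith(".exe") else exe
    if tool not in PSTOOLS:
        return None
    info = {"tool": tool, "target": None, "user": None,
            "inline_password": False, "copies_binary": False}
    safe, i = [tokens[0]], 1
    while i < len(tokens):
        tok, low = tokens[i], tokens[i].lower()
        if low == "-u" and i + 1 < len(tokens):
            info["user"] = tokens[i + 1]
            safe += [tok, tokens[i + 1]]
            i += 2
        elif low == "-p" and i + 1 < len(tokens):
            info["inline_password"] = True          # secret is visible in the log
            safe += [tok, "<redacted>"]
            i += 2
        elif tool == "psexec" and not tok.startswith(("-", "\\\\")):
            safe += tokens[i:]                      # remote program and its own args
            break
        else:
            if tok.startswith("\\\\") and info["target"] is None:
                info["target"] = tok[2:]
            info["copies_binary"] |= (tool == "psexec" and low == "-c")
            safe.append(tok)
            i += 1
    info["redacted"] = " ".join(safe)
    return info

# Constructed process-creation command lines (not from the article or a real host).
SAMPLE_LOG = [
    r"psexec \\192.0.2.10 -u ABC -p 123 cmd",
    r"C:\tools\PsExec.exe \\192.0.2.10 -u ABC -c C:\srm.exe",
    r"notepad.exe C:\notes.txt",
]
FINDINGS = [f for f in map(audit, SAMPLE_LOG) if f]
```

FINDINGS holds one record per PsTools invocation; a record with inline_password set marks a log line whose original text should be treated as containing a credential.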

When reposting, please cite the original address: https://www.9cbs.com/read-42554.html
