Link to home
Start Free TrialLog in
Avatar of WellingtonIS
WellingtonIS

asked on

PSExec

My company has been hit with Ransomware and you all can understand what is going on.  They have made us stop the admin shares on all PC's  If I create a folder that's shared to all admins can we still run PSEXEC from that folder remotely? Basically the C$ is disabled on all machines.
Avatar of Qlemo
Qlemo
Flag of Germany image

PsExec uses the admin$ share to install the service and (IIRC) IPC$ for controlling. So the share where PsExec is located doesn't matter, but whether those two shares are accessible on the target machine.
Avatar of WellingtonIS
WellingtonIS

ASKER

There's no way around this?
PsExec needs to create the service to run applications, so no. But you can use PowerShell Remoting instead ;-).
ASKER CERTIFIED SOLUTION
Avatar of WellingtonIS
WellingtonIS

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial