WellingtonIS
asked on
PSExec
My company has been hit with Ransomware and you all can understand what is going on. They have made us stop the admin shares on all PC's If I create a folder that's shared to all admins can we still run PSEXEC from that folder remotely? Basically the C$ is disabled on all machines.
PsExec uses the admin$ share to install the service and (IIRC) IPC$ for controlling. So the share where PsExec is located doesn't matter, but whether those two shares are accessible on the target machine.
ASKER
There's no way around this?
PsExec needs to create the service to run applications, so no. But you can use PowerShell Remoting instead ;-).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.