Execute Windows Commands from Linux using winexe. Connect from Linux to Windows without SSH

Winexe – is a software on Linux which uses RPC to run remote commands and might even come with your distribution’s packages. It depends on Samba for running rpc commands
Edit: even if your distro does not have it precompiled and you do not want to compile yourself, you should check out the Build Service – it is likely to have the binary version you would need for your system.
First Install samba-common on your Linux machine before beginning winexe
Use below article to check WinEXE installation
https://www.kickass.se/?p=189
Winexe is a GNU/Linux based application that allows users to execute commands remotely on WindowsNT/2000/XP/2003/Vista/7/8 systems. It installs a service on the remote system, executes the command and uninstalls the service. Winexe allows execution of most of the windows shell commands.
How to install:
You can download the source package from here [Current version is winexe-1.00.tar.gz]

  1. tar -xvf winexe-1.00.tar.gz
  2. cd winexe-1.00/source4/
  3. ./autogen.sh
  4. ./configure
  5. make basics bin/winexe
  6. make “CPP=gcc -E -ffreestanding” basics bin/winexe (For X64 bit)

this will create a [ winexe ] binary file in the bin folder. You can use that binary to execute the windows commands from Linux.
or else there are some compiled version of binary itself available for download. You can download and use it from here.
The above version of winexe works only till version Windows Server 2012. For Windows Server 2012R2 requires below method to make winexe work with latest version of windows. Below method will get the code for samba and winexe from the github repository and we will have to build it for it to work.
Alternate Method (Best Method to Work with Latest Version of Windows 10 and Windows Server 2012R2)

http://rand0m.org/2015/08/05/winexe-1-1-centos-6-and-windows-2012-r2/

  1. Install Samba on Linux
yum install samba-common

2.      fixup a bunch of samba dependencies

yum install gcc perl mingw-binutils-generic mingw-filesystem-base mingw32-binutils mingw32-cpp mingw32-crt mingw32-filesystem mingw32-gcc mingw32-headers mingw64-binutils mingw64-cpp mingw64-crt mingw64-filesystem mingw64-gcc mingw64-headers libcom_err-devel popt-devel zlib-devel zlib-static glibc-devel glibc-static python-devel
yum install git gnutls-devel libacl1-dev libacl-devel libldap2-dev openldap-devel
  1. As per the docs, remove libbsd-devel if installed
yum remove libbsd-devel
  1. Clone the git repos. samba is huge, like 280MB
cd /usr/src
git clone git://git.code.sf.net/p/winexe/winexe-waf winexe-winexe-wafgit clone git://git.samba.org/samba.git samba
  1. per winexe bug 64, samba needs to be reverted to a6bda1f2bc85779feb9680bc74821da5ccd401c5
cd /usr/src/samba
git reset --hard a6bda1f2bc85779feb9680bc74821da5ccd401c5
  1. Fixup the build deps
cd /usr/src/winexe-winexe-waf/source
vi wscript_build
# modify 'wscript_build', and at the very end ...stlib='smb_static bsd z resolv rt'lib='dl gnutls'

7.     Build it! his does a huge configure, then also compiles samba, which takes a while. 

./waf --samba-dir=../../samba configure build

8.     Executable should be  /usr/src/winexe-winexe-waf/source/build/winexe-static

cd /usr/src/winexe-winexe-waf/source/build/
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 "ipconfig -all"
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 "ipconfig -all" -d99

Sample on How to use it to Check Service on Linux :

export CHECK_COMMAND='sc query "Notification Service"'
export STOP_COMMAND='sc stop "Notification Service"'
export START_COMMAND='sc start "Notification Service"'
## Check Service Status ##
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 --interactive=0 "$CHECK_COMMAND"
## Check with Debug ##
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 --interactive=0 "$CHECK_COMMAND" -d99
## Run powershell script or command on windows then like below ##
winexe -U administrator%$PWD //$IP "powershell -Command & {(c:\User\administrator\powershell.ps1)}"
 
## Stop and Start Service ##
export CHECK_COMMAND='sc query "Browser"'
export STOP_COMMAND='sc stop "Browser "'
export START_COMMAND='sc start "Browser "'
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 --interactive=0 "$CHECK_COMMAND"
cat </dev/null | ./winexe-static --U 'domain\admin%$PWD' //iihoserver01 --interactive=0 "$STOP_COMMAND"
cat </dev/null | ./winexe-static -U 'domain\admin%$PWD' //iihoserver01 --interactive=0 "$START_COMMAND"

 

 

Category: LinuxLinuxPowershell

Tags:

One comment

  1. Unable to clone Samba. Showing following error:

    git clone git://git.samba.org/samba.git samba
    Cloning into ‘samba’…
    fatal: unable to connect to git.samba.org:
    git.samba.org[0: 193.175.80.230]: errno=Connection refused
    git.samba.org[1: 2001:638:603:d06e::80:230]: errno=Network is unreachable

    Is there any other way to install samba ? or git url

Leave a Reply

Article by: Shadab Mohammad