横向移动-PsExec轻量级 telnet 替代品

Invoke-WebRequest -Uri 'https://download.sysinternals.com/files/PSTools.zip' -OutFile 'pstools.zip'Expand-Archive -Path 'pstools.zip' -DestinationPath "$env:TEMPpstools"Move-Item -Path "$env:TEMPpstoolspsexec.exe" .Remove-Item -Path "$env:TEMPpstools" -Recurse

# Prevent the license agreement from being displayedpsexec.exe /accepteula
# Run the 'hostname' command on remote machinepsexec.exe \REMOTECOMPUTER hostname
# Run the 'hostname' command on EVERYTHING (on the domain)psexec.exe \* hostname
# Run a local executable on a remote machinepsexec.exe \REMOTECOMPUTER -c C:Toolsprogram.exe
# Run the 'hostname' command with different credentialspsexec.exe \REMOTECOMPUTER hostname -u localadmin -p secret-p@$$word
# Spawn shell on remote machinepsexec.exe -s \REMOTECOMPUTER cmd