Python: Using wmi to start executable remotely

Question

Im trying to run an executable file remotely on Windows using the wmi module. it establishes the connection but I think my process line is incorrect, as when I check the server the executable definately has not been run. Can you guys help me on the syntax with this?

import wmi, time
ip = 'xx.xx.xx.xxx'
username = "user"
password = "password!"
from socket import *
print "Establishing connection to %s" %ip
connection = wmi.WMI(ip, user=username, password=password)
print "Connection established"
print "Starting IO"
connection.Win32_Process.Create(CommandLine='cmd.exe C:\Users\Public\Desktop\Auto_IOX.exe')
time.sleep(60)

bladexeon · Accepted Answer · 2017-04-19T15:15:42.360

5

import wmi, time
ip = 'xx.xx.xx.xxx'
username = "user"
password = "password!"
SW_SHOWNORMAL = 1
from socket import *
print "Establishing connection to %s" %ip
c = wmi.WMI(ip, user=username, password=password)
process_startup = c.Win32_ProcessStartup.new()
process_startup.ShowWindow = SW_SHOWNORMAL
process_id, result = c.Win32_Process.Create(CommandLine="C:\User\Administrator\Desktop\runIOX_auto.bat",ProcessStartupInformation=process_startup)
if result == 0:
  print "Process started successfully: %d" % process_id
else:
  raise RuntimeError, "Problem creating process: %d" % result

I managed to figure it out (With help from DDay) by creating a Batch file that ran everything that i needed and put it on the desktop and then ran that instead.

edited Apr 19 '17 at 15:15

answered Apr 15 '15 at 20:30

bladexeon

696
3
10
31

2

Don't store the batch file in the System32 directory. Just pass the desired `CurrentDirectory` when calling [`Win32_Process.Create`](https://msdn.microsoft.com/en-us/library/aa389388), or use an absolute path to the file such as `r"C:\Users\Public\Scripts\runIOX_auto.bat"`. From within the batch file you can get the file location as `%~dp0`, i.e. the [d]rive and [p]ath of argument 0, which is always the batch file itself. – Eryk Sun Apr 18 '15 at 09:53
@eryksun Ah this was a much better Idea I did this instead on the system32 directory, Thanks! – bladexeon Apr 20 '15 at 17:30

score 4 · Answer 2 · answered Apr 15 '15 at 20:01

4

Take a look at Tim Golden's tutorial. You are not using the information that the Win32_Process.Create method returns.

process_id, result = c.Win32_Process.Create(
  CommandLine="notepad.exe",
  ProcessStartupInformation=process_startup
)

As a result you may be missing out on the process ID and on the result of starting that remote process.

answered Apr 15 '15 at 20:01

DDay

698
1
9
17

This was helpful, now I can see the process runnning. However i dont think it's actually doing what it is supposed to. – bladexeon Apr 15 '15 at 20:16
1

Actually I just figured it out a little better. I just had to move the exe to the same folder the notepad.exe wa located and ran it and now its doing what its supposed to. Thanks! – bladexeon Apr 15 '15 at 20:21
You're welcome. I thought about the location of the executable, but did not dwell on it. – DDay Apr 16 '15 at 19:25

Python: Using wmi to start executable remotely

2 Answers2

Linked