Winexe -错误:无法打开连接- NT_STATUS_CONNECTION_RESET

Question

我们正在尝试从Linux(CentOS 7)到Windows10远程执行windows命令。我已经在CentOS 7中设置了Winexe。我认为设置似乎没问题

[user@abcd build]$ ./winexe-static -v
winexe version 1.1
This program may be freely redistributed under the terms of the GNU GPLv3
Usage: winexe-static [OPTION]... //HOST COMMAND
Options:
-h, --help                                  Display help message
-V, --version                               Display version number
-U, --user=[DOMAIN/]USERNAME[%PASSWORD]     Set the network username
-A, --authentication-file=FILE              Get the credentials from a file
-N, --no-pass                               Do not ask for a password
-k, --kerberos=STRING                       Use Kerberos, -k [yes|no]
-d, --debuglevel=DEBUGLEVEL                 Set debug level
--uninstall                                 Uninstall winexe service after
                                          remote execution
--reinstall                                 Reinstall winexe service before
                                          remote execution
--system                                    Use SYSTEM account
--profile                                   Load user profile
--convert                                   Try to convert characters
                                          between local and remote
                                          code-pages
--runas=[DOMAIN\]USERNAME%PASSWORD          Run as the given user (BEWARE:
                                          this password is sent in
                                          cleartext over the network!)
--runas-file=FILE                           Run as user options defined in a
                                          file
--interactive=0|1                           Desktop interaction: 0 -
                                          disallow, 1 - allow. If allow,
                                          also use the --system switch
                                          (Windows requirement). Vista
                                          does not support this option.
--ostype=0|1|2                              OS type: 0 - 32-bit, 1 - 64-bit,
                                          2 - winexe will decide.
                                          Determines which version (32-bit
                                          or 64-bit) of service will be
                                          installed.

然而，它没有连接到Windows10机器。以下是我们用来测试的命令。我们也尝试了Sudo用户。显示错误:无法打开连接- NT_STATUS_CONNECTION_RESET错误

[user@abcd build]$ ./winexe-static -U Domain123/CI.Admin%JeesOver*819 //Windows10 “ipconfig”
ERROR: Failed to open connection - NT_STATUS_CONNECTION_RESET

[user@abcd build]$ sudo ./winexe-static -U 'Domain123/CI.Admin%JeesOver*819' //Windows10  “ipconfig”
[sudo] password for user:
ERROR: Failed to open connection - NT_STATUS_CONNECTION_RESET

Answer 1

您的winexe可能正在使用SMB1方言进行连接，这在现代windows版本中已被弃用。

仅出于调试目的，暂时启用Windows中的SMB1 (hint:OptionalFeatures.exe)，然后重试。它应该可以工作，除非您还需要将"LocalAccountTokenFilterPolicy“添加到注册表中。

不要忘记再次禁用SMB1。

有一个支持SMB2的winexec二进制文件可以在CentOS7和Windows10上运行：http://dl-openaudit.opmantek.com/winexe-static

为我工作的源代码：https://bitbucket.org/reevertcode/reevert-winexe-waf

除了自述文件之外，您还应该阅读“BUILD”文件，它包含其他信息(要应用的补丁程序)。

祝好运!