I am looking for a tool that will allow me to monitor and control programs running inside a Windows VM from the Linux host machine. I realize that this is similar to what a rootkit would do, and I am completely happy to use some hacker software if it provides the necessary functionality (and if I can get it in source-code form).
If I can't find something, I'll have to write it using C. Probably an embedded HTTP server running on an odd port and doing some kind of XMLRPC thing.
Here is the basic functionality I need:
I would like to: - Read contents of screen - Read all controls on screen. - Send arbitrary click to a Windows control.
Does anything like this exist?
Build Samba with WMI support from http://dev.zenoss.org/svn/trunk/inst/externallibs/wmi-1.2.9.tar.bz2. Not in the official Samba yet.
wmic -UAdministrator //host "select * from Win32_Process"
You need to run wmic on the Windows host using winexe because Samba wmic only supports querying
winexe -UAdministrator //host "wmic process where name=\"process.exe\" delete" # Kill process.exe
winexe -UAdministrator //host "wmic process where ProcessId=145 delete" # Kill pid 145
winexe -UAdministrator //host process.exe
You probably want to use Samba read man mount.cifs and man smbclient