Tags: wmi, remote-access, wmic

Trying to start an exe or bat file on a remote machine, via a cmd shell

Running the following from a command line to launch a process on a remote computer:

 wmic /node:remotemachine /user:localadmin process call create "cmd.exe /c C:\temp\myfolder\test.bat"

Basically it's just:

 echo Some Text > output.txt

I tested by double clicking the batch file and it creates the output.txt file.

The batch file just echoes to a file. I did this to see if it actually runs.

The cmd process starts. I can see it in the processes, but the batch file never creates the text file.

I started off trying to run an EXE from my C# application; it creates the process for the executable, but the actions the executable takes never occur.

So I started testing other ways to do the same thing, and I am encountering the same issue. It creates the process, but doesn't actually run the bat or exe.

Any help would be appreciated.

I need to be more specific

I'm using the following code within my C# application:

using System.Management;   // System.Management.dll (WMI client classes)

// Creates a process on client_machine via Win32_Process.Create; target_exe becomes the CommandLine parameter.
public static void ConnectToRemoteClient(string client_machine, string target_exe)
{
    var connection = new ConnectionOptions();       // default options: connect as the current user
    object[] theProcessToRun = { target_exe };      // positional in-parameters: only CommandLine is supplied

    var wmiScope = new ManagementScope($@"\\{client_machine}\root\cimv2", connection);

    wmiScope.Connect();

    using (var managementClass = new ManagementClass(wmiScope, new ManagementPath("Win32_Process"), new ObjectGetOptions()))
    {
        // The returned out-parameters (ProcessId, ReturnValue) are not inspected here.
        managementClass.InvokeMethod("Create", theProcessToRun);
    }
}

It is called using the following syntax:

string exe = @"cmd.exe /c C:\temp\Myfolder\test.bat";   // no format placeholders, so string.Format is not needed
ConnectToRemoteClient("ClientMachine", exe);

It will launch the process and I see the cmd.exe running, but the test.bat actions never occur.

Solution

  • Telling WMIC to run a single command is pretty straight forward. Trouble shows up once we try to nest one command inside another. :-)

    Since this case has an outer command (cmd.exe) and an inner command (C:\temp\Myfolder\test.bat), the trick is separating them in a way that WMIC can use. There are 3 techniques that'll work, but the one which has the fewest issues with special characters is the single-to-double-wrap method. Effectively you use single quotes around the outer command, and double quotes around the inner command. For example:

    wmic /node:NameOfRemoteSystem process call create 'cmd.exe /c "whoami /all >c:\temp\z.txt"'
    

    Wrapping in this way will preserve the redirector (>) and it also doesn't require you to double your backslashes on the inner command.

    Output From Example:

    dir \\NameOfRemoteSystem\c$\temp\z.txt
    File Not Found
    
    wmic /node:NameOfRemoteSystem process call create 'cmd.exe /c "whoami /all >c:\temp\z.txt"'
    Executing (Win32_Process)->Create()
    Method execution successful.
    Out Parameters:
    instance of __PARAMETERS
    {
            ProcessId = 20460;
            ReturnValue = 0;
    };
    
    dir \\NameOfRemoteSystem\c$\temp\z.txt
    03/27/2019  04:40 PM            17,977 z.txt
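The following is an added example, not code from the asker or the answerer: it reworks the question's C# call to pass CommandLine and CurrentDirectory as named Win32_Process.Create parameters and to read ReturnValue and ProcessId instead of discarding them, which is the same information the answer's WMIC output shows. It assumes the machine name, folder and test.bat from the question; the return-code meanings are the documented Win32_Process.Create codes.

```csharp
using System;
using System.Management;   // System.Management.dll

public static class RemoteProcess
{
    // Documented Win32_Process.Create return codes.
    public static string Describe(uint rc)
    {
        switch (rc)
        {
            case 0:  return "Successful completion";
            case 2:  return "Access denied";
            case 3:  return "Insufficient privilege";
            case 8:  return "Unknown failure";
            case 9:  return "Path not found";
            case 21: return "Invalid parameter";
            default: return "Undocumented return code";
        }
    }

    // Creates a process on clientMachine and returns the Create() return code.
    // commandLine reaches CreateProcess verbatim, so it needs cmd.exe quoting only (no WMIC wrapping).
    public static uint Create(string clientMachine, string commandLine, string workingDirectory, out uint processId)
    {
        var scope = new ManagementScope($@"\\{clientMachine}\root\cimv2", new ConnectionOptions());
        scope.Connect();

        using (var processClass = new ManagementClass(scope, new ManagementPath("Win32_Process"), new ObjectGetOptions()))
        using (var inParams = processClass.GetMethodParameters("Create"))
        {
            inParams["CommandLine"] = commandLine;
            // Pin the working directory so relative paths inside the script (e.g. "> output.txt")
            // resolve there rather than in whatever directory the remote process inherits.
            inParams["CurrentDirectory"] = workingDirectory;

            using (var outParams = processClass.InvokeMethod("Create", inParams, null))
            {
                uint rc = (uint)outParams["ReturnValue"];
                processId = rc == 0 ? (uint)outParams["ProcessId"] : 0;   // ProcessId is only meaningful on success
                return rc;
            }
        }
    }

    public static void Main()
    {
        uint pid;   // names below are taken from the question
        uint rc = Create("ClientMachine", @"cmd.exe /c ""C:\temp\Myfolder\test.bat""", @"C:\temp\Myfolder", out pid);
        Console.WriteLine($"ReturnValue={rc} ({Describe(rc)}), ProcessId={pid}");
    }
}
```

A non-zero ReturnValue (for example 2 or 9) is reported by the remote provider before any process starts, so checking it separates "Create() failed" from "the process started but did nothing".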