Headless GUI Automation on Windows From Linux using Winexe

This is a demonstration of Winexe, an open-source remote command execution utility for Windows. It is similar to PsExec from Sysinternals. Both work in much the same way: they install and start a Windows service on the target. You don't need to install anything on the target machine yourself, as the installation is handled remotely by the command-line utility.

Prerequisites
Windows
  • Administrative access. This would make it difficult to test on the machine using a non-admin account. This is required primarily to install and start the service. The administrative account must have a password. There may be a couple of ways around this though - we could try and keep the service running and then remove admin access from the user account, or we could use an admin account to connect but then use 'RunAs' to impersonate a non-admin user on the target machine. I haven't tested either possibility yet.
  • Local Security Policy - I wasn't able to get it to work even with admin access because it didn't appear to have the privileges to add a Windows service, so I had to add the 'Administrators' group to the Local Security Policy for 'Local Policies\User Rights Assignment\Act as part of the operating system'. This was a lazy thing to do but I was rushed for time and couldn't figure out which key controls the ability to add a service to the machine.
  • Remote sharing and remote administration need to be enabled on the target machine
  • The 'Workstation' and 'Server' services should be enabled and running
  • The 'Windows Network' and 'Printer and File Sharing' should be activated
  • The remote IPC and remote admin shares should be available. To check if this is available, run 'net share' at the command prompt and you should see the 'IPC$', 'C$' and 'ADMIN$' shares listed. On Windows XP you need to disable 'Simple Sharing' under 'Control Panel\Folder Options\View\Use simple file sharing'
  • Disable the firewall - again a lazy approach to prove that this works. We will need to figure out the exact ports to allow

Linux
  • I used Oracle Linux so depending on your architecture and distro, you may need to find the appropriate installers. I couldn't find python-dev so I did a 'yum search python | grep -i devel' to find python-devel.x86_64
  • At the Linux console type -
  • You might see a bunch of errors and warnings - you can ignore most of them, but pay attention to the end of the output for each of the commands above - fatal problems are always listed at the end, and you may be missing a library or two for ./configure to complete successfully
  • You can now run './bin/winexe -U [domain]/[user]%[password] //host-ip cmd.exe' to get access to the remote command prompt
  • I ran this on the private cloud and SMB/CIFS is blocked so I could only get this to work between two private cloud machines - a Linux host and a Windows host
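
The winexe command in the list above passes the account password as part of '-U', where it is visible in the process list and in shell history. The following is an added example, not code from the original post: it keeps the password in an owner-only credentials file and hands that file to winexe's '-A' ('--authentication-file') option. The helper function names and the default WINEXE path are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Helper names and the WINEXE
# default path are assumptions; -A/--authentication-file is winexe's own option.
WINEXE="${WINEXE:-./bin/winexe}"

# write_authfile FILE DOMAIN USER
# Reads the password from stdin so it never appears in argv or shell history.
write_authfile() {
    file=$1 domain=$2 user=$3
    IFS= read -r password || true
    [ -n "$password" ] || return 1      # the account must have a password
    old_umask=$(umask)
    umask 077                           # create the file owner-only from the start
    rm -f -- "$file"
    {
        printf 'username = %s\n' "$user"
        printf 'password = %s\n' "$password"
        printf 'domain = %s\n' "$domain"
    } > "$file"
    rc=$?
    umask "$old_umask"
    unset password
    return "$rc"
}

# authfile_is_private FILE: succeed only for a regular file with mode 0600.
authfile_is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld -- "$1" | cut -c1-10)
    [ "$perms" = "-rw-------" ]
}

# run_remote AUTHFILE HOST COMMAND
# Refuses to run (status 2) if the credentials file is readable by others.
run_remote() {
    authfile=$1 host=$2 remote_cmd=$3
    if ! authfile_is_private "$authfile"; then
        echo "refusing: $authfile is not a private (0600) file" >&2
        return 2
    fi
    "$WINEXE" -A "$authfile" "//$host" "$remote_cmd"
}

# Typical interactive use (stty hides the typed password):
#   stty -echo; write_authfile "$HOME/.winexe-auth" DOMAIN user; stty echo
#   run_remote "$HOME/.winexe-auth" host-ip cmd.exe
```

Delete the credentials file once the session is finished; it still contains the password in clear text.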
