Windows 7 Rename a remote system file?

Discussion in 'Programming and Scripting' started by dsaum, Feb 26, 2016.

  1. dsaum

    dsaum New Member

    Hey all! I'm a noob at writing batch files and have written a bunch, but my latest one is an odd one. I'm actually trying to break remote machines (for security reasons) by renaming the bootmgr system file and then shutting the machines down so they can no longer boot up. My batch file will map the remote machine's hard drive to "Z" and then I try to rename the bootmgr file, but I keep getting a syntax error. Here's what I have:

    @echo off
    :start
    set /p a="Enter IP Address or Name: "
    net use z: \\%a%\C$ /u:%a%\USERNAME PASS
    timeout /t 10
    ren -y z:\bootmgr bootmgrbroken
    timeout /t 5
    goto start

    I've tried even renaming a non system file and still get the same syntax error. Thanks in advance for all your help!
     
  2. Josephur

    Josephur Windows Forum Admin
    Staff Member Premium Supporter

    Although your methods seem nefarious... I'll bite. Obviously, if you can map the drive remotely, you have Administrator access to the remote machines; if that is the case, you should really check out the Sysinternals PsTools package, specifically psexec.

    It comes with documentation, and running the programs with no parameters should spit out the help, but basically psexec installs a temporary service on a remote machine to then carry out commands on the remote machine's command prompt. (Of course, you need admin credentials to said remote machine.)
     
  3. Neemobeer

    Neemobeer Windows Forum Team
    Staff Member

    A few things:
    • You would need to run all of these commands from an elevated command prompt. If you run them without the elevated command prompt, you are using a regular user access token and not an admin token.
    • There are local and share permissions on the remote file system, and the most restrictive takes precedence.
    • Even if you are executing these commands as an admin, specifically for the system files, you will need to first take ownership of them before you can do anything.
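
Added example, not part of the original thread or any poster's code: mapping `\\host\C$` and PsExec's temporary service, both described above, leave event-log records on the target, and this Python script flags them in exported events. The sample records, host names, account names and the `BOOT_FILES` list are constructed assumptions; events 5140/5145 are only logged when file-share auditing is enabled.

```python
# Added example: triage exported Windows events for the activity in this thread.
# Field names follow the Security 5140/5145 and System 7045 event schemas.
from collections import defaultdict

DELETE = 0x10000                       # DELETE access right; a rename needs it
BOOT_FILES = {"bootmgr", "boot\\bcd"}  # assumption: files worth alerting on

SAMPLE_EVENTS = [  # constructed records, not taken from a real host
    {"EventID": 5140, "Computer": "WS-014", "SubjectUserName": "localadmin",
     "IpAddress": "10.0.5.23", "ShareName": "\\\\*\\C$"},
    {"EventID": 5145, "Computer": "WS-014", "SubjectUserName": "localadmin",
     "IpAddress": "10.0.5.23", "ShareName": "\\\\*\\C$",
     "RelativeTargetName": "bootmgr", "AccessMask": "0x10080"},
    {"EventID": 5145, "Computer": "WS-014", "SubjectUserName": "localadmin",
     "IpAddress": "10.0.5.23", "ShareName": "\\\\*\\C$",
     "RelativeTargetName": "bootmgr", "AccessMask": "0x80"},   # attribute read only
    {"EventID": 7045, "Computer": "WS-020", "ServiceName": "PSEXESVC",
     "ImagePath": "%SystemRoot%\\PSEXESVC.exe", "AccountName": "LocalSystem"},
    {"EventID": 5140, "Computer": "WS-031", "SubjectUserName": "jdoe",
     "IpAddress": "10.0.5.40", "ShareName": "\\\\*\\Public"},
]


def triage(events):
    """Return {computer: [(finding, detail1, detail2), ...]} for review."""
    findings = defaultdict(list)
    for ev in events:
        host, eid = ev["Computer"], ev["EventID"]
        if eid == 5140 and ev["ShareName"].upper().endswith("\\C$"):
            # Administrative share opened over the network (what `net use` does).
            findings[host].append(
                ("admin-share-access", ev["IpAddress"], ev["SubjectUserName"]))
        elif eid == 5145:
            target = ev["RelativeTargetName"].lower()
            if target in BOOT_FILES and int(ev["AccessMask"], 16) & DELETE:
                findings[host].append(
                    ("boot-file-delete-access", ev["IpAddress"], target))
        elif eid == 7045:
            # PsExec's default remote service is named PSEXESVC.
            if "psexesvc" in (ev["ServiceName"] + ev["ImagePath"]).lower():
                findings[host].append(
                    ("psexec-service-installed", ev["ImagePath"], ev["AccountName"]))
    return dict(findings)


if __name__ == "__main__":
    for host, items in triage(SAMPLE_EVENTS).items():
        for item in items:
            print(host, *item)
```

PsExec's service name can be changed with its `-r` option, so the name match is a baseline; reviewing every 7045 service install that follows an admin-share connection from the same source covers the renamed case.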
     
