How To Shutdown A Remote Computer : Hacking Tricks

Here's a nifty way to use a script to shut down remote machines.

Sometimes, you need to be able to shut down a server remotely. This script pings the computer in question prior to sending the Win32Shutdown method. It operates on remote PCs and has been tested on systems running Windows 2000. It will probably work on NT4 systems with the proper WHS/WMI/VB scripting, though it has not been tested on such systems.

Using the Win32Shutdown method, the script provides you with the option of logging off the current user of the machine, powering the machine down, or rebooting it. In addition, each of these options can be forced so that the action occurs even if applications are running. Use this option carefully, though, because it might cause the logged-on user to lose his work if he has open files. Note that forced log off/power down/reboot will not work if the screen saver is password-protected and is currently active.

The Code

Make sure you have the latest scripting engines on the workstation you run this script from. You can download the latest scripting engines at the Microsoft Scripting home page (http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28001169). Note that, when working with the Active Directory Services Interface (ADSI), you must have the same applicable rights as you need to use the built-in administrative tools. Also, for VB scripts that interact with Windows Management Instrumentation (WMI), apply the most current version of the WMI agents.

Type the following code into a text editor such as Notepad (making sure to have Word Wrap disabled) and save it with a .vbs extension. Alternatively, you can download the RemoteShutdown.vbs script from the O'Reilly web site at http://www.oreilly.com/catalog/winsvrhks/.

'/'|| RemoteShutdown.vbs

'||

'|| Created by Harvey Hendricks, MCP, MCSE, A+

'|| March 2001

'|| email: Harvey.Hendricks@aramcoservices.com

'||

'||

'|| Based on techniques and ideas from:

'|| SMS admin, SMS Installer, & WMI forums ->

'|| http://www.myITforum.com/forums

'|| Win32 Scripting -> http://cwashington.netreach.net/

'|| Microsoft Windows Script Technologies ->

'|| http://msdn.microsoft.com/scripting

'|| Microsoft Online Library ->

'|| http://msdn.microsoft.com/library/default.asp

'|| Microsoft VBScript 5.5 documentation and Microsoft WMI SDK

'||

'||~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'|| SCRIPT LOGIC FLOW:

'|| Collects computername from user, calls function to ping the computername

'|| to determine if it is accessible, if not then display message and exit

'|| otherwise continue.

'|| Collects desired action to perform from the user, does error checking on

'|| the input to determine if it is acceptable, if not then display message

'|| and exit otherwise continue.

'|| Set variables and output messages based on the action chosen. Calls

'|| Win32Shutdown with the appropriate variable. Displays success message

'|| and exits

'||

'|| Uses WMI Win32Shutdown method from the Win32_OperatingSystem class

'|| to perform different logoff / powerdown / reboot functions

'||

'|| Testing found the following values to be effective on Win32Shutdown:

'|| Action decimal binary

'|| Logoff 0 0000

'|| Force Logoff 4 0100

'|| Reboot 2 0010

'|| Force Reboot 6 0110

'|| Powerdown 8 1000

'|| Force Powerdown 12 1100

'||

'|| Notice that the third bit from the right appears to be the "FORCE" bit.

'||

'|| A value of 1 will do a shutdown, ending at the "It is safe to turn

'|| off your computer" screen. I have no use for this and did not test it.

'||

'||

'||NOTES: - tested under Windows 2000 Pro. with ACPI compliant systems -

'|| SHOULD work under Windows NT4 without modification IF the

'|| system has compatible versions of WSH / WMI / VBscripting

'||

'||Logoff / Powerdown / Reboot:

'|| Does not work if a password protected screen saver is active or

'|| there is data to save. Either way the system waits for user input.

'||

'||Force Logoff / Force Powerdown / Force Reboot:

'|| Does not work if a password protected screen saver is active, will wait

'|| for user input. Otherwise will close open applications without saving

'|| data.

'||

'\/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ start function

function Ping(byval strName)

dim objFSO, objShell, objTempFile, objTS

dim sCommand, sReadLine

dim bReturn



set objShell = WScript.CreateObject("Wscript.Shell")

set objFSO = CreateObject("Scripting.FileSystemObject")



'Set default return value

bReturn = false



'Create command line to ping and save results to a temp file

sCommand = "cmd /c ping.exe -n 3 -w 1000 " & strName & " > C:\temp.txt"



'Execute the command

objShell.run sCommand, 0, true



'Get the temp file

set objTempFile = objFSO.GetFile("C:\temp.txt")

set objTS = objTempFile.OpenAsTextStream(1)



'Loop through the temp file to see if "reply from" is found,

'if it is then the ping was successful

do while objTs.AtEndOfStream <> true

sReadLine = objTs.ReadLine

if instr(lcase(sReadLine), "reply from") > 0 then

bReturn = true

exit do

end if

loop



'Close temp file and release objects

objTS.close

objTempFile.delete

set objTS = nothing

set objTempFile = nothing

set objShell = nothing

set objFSO = nothing



'Return value

Ping = bReturn

end function

'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ end function



'/\/\/\/\/\/\/\/\/\/\/\ Start Main body of script

'Get computer name to operate on

ComputerName=InputBox("Enter the Machine name of the computer" & vbCRLF _

& "you wish to Shutdown / Reboot / Logoff", _

"Remote Shutdown / Reboot / Logoff", _

"ComputerName")



'if Cancel selected - exit

If (ComputerName = "") Then Wscript.Quit



'change the name to uppercase

ComputerName=UCase(ComputerName)



'ping the computername to see if it is accessible

bPingtest = ping(Computername)



If bPingtest = FALSE Then

y = msgbox ("'" & ComputerName & "' is not accessible!" & vbCRLF _

& "It may be offline or turned off." & vbCRLF _

& "Check the name for a typo." & vbCRLF, _

vbCritical, ComputerName & " NOT RESPONDING")

Wscript.Quit

end IF



'Get the action desired

Action=InputBox( _

"Select Action to perform on " & ComputerName & vbCRLF & vbCRLF _

& " 1 - Logoff" & vbCRLF _

& " 2 - Force Logoff ( NO SAVE )" & vbCRLF _

& " 3 - Powerdown" & vbCRLF _

& " 4 - Force Powerdown ( NO SAVE )" & vbCRLF _

& " 5 - Reboot" & vbCRLF _

& " 6 - Force Reboot ( NO SAVE )" & vbCRLF & vbCRLF _

& "NOTE:" & vbCRLF _

& " Using Force will close windows" & vbCRLF _

& " without saving changes!", _

"Select action to perform on " & ComputerName, "")



'if Cancel selected - exit

If (Action = "") Then Wscript.Quit



'error check input

If (INSTR("1234567",Action)=0) OR (Len(Action)>1) then

y = msgbox("Unacceptable input passed -- '" & Action & "'", _

vbOKOnly + vbCritical, "That was SOME bad input!")

Wscript.Quit

end if



'set flag to disallow action unless proper input achieved, 1 => go 0 => nogo

flag = 0



'set variables according to computername and action

Select Case Action

Case 1 'Logoff

x = 0

strAction = "Logoff sent to " & ComputerName

flag = 1

Case 2 'Force Logoff

x = 4

strAction = "Force Logoff sent to " & ComputerName

flag = 1

Case 3 'Powerdown

x = 8

strAction = "Powerdown sent to " & ComputerName

flag = 1

Case 4 'Force Powerdown

x = 12

strAction = "Force Powerdown sent to " & ComputerName

flag = 1

Case 5 'Reboot

x = 2

strAction = "Reboot sent to " & ComputerName

flag = 1

Case 6 'Force Reboot

x = 6

strAction = "Force Reboot sent to " & ComputerName

flag = 1

Case 7 'Test dialog boxes

y = msgbox("Test complete", vbOKOnly + vbInformation, "Dialog Box Test Complete")

flag = 0

Case Else 'Default -- should never happen

y = msgbox("Error occurred in passing parameters." _

& vbCRLF & " Passed '" & Action & "'", _

vbOKOnly + vbCritical, "PARAMETER ERROR")

flag = 0

End Select



'check flag

' if equal 1 (TRUE) then perform Win32Shutdown action on remote PC

' and display a confirmation message

' if not equal 1 (FALSE) then skip the action and script ends

if flag then

Set OpSysSet=GetObject("winmgmts:{(Debug,RemoteShutdown)}//" _

& ComputerName & "/root/cimv2").ExecQuery( _

"Select * from Win32_OperatingSystem where Primary=true")

for each OpSys in OpSysSet

OpSys.Win32Shutdown(x)

y = msgbox(strAction,vbOKOnly + vbInformation,"Mission Accomplished")

next

end If



'Release objects

set OpSys = nothing

set OpSysSet = nothing

Running the Hack

To run the hack, simply double-click on the RemoteShutdown.vbs file in Windows Explorer (or a shortcut to this file on your desktop) and type the name of the remote computer you want to log off from, power down, or reboot. This name can be the NetBIOS name, DNS name, or IP address of the remote machine. You will then be presented with an input box that displays a menu of options:

1 - Logoff
2 - Force Logoff
3 - Powerdown
4 - Force Powerdown
5 - Reboot
6 - Force Reboot

Simply type the number for the action you want to perform and press Enter.

1 comments:

Best SEO Service said...

I'm excellent Google Review , Linkbuilding , Citations , Backlinks builder , Blog commenting, Social bookmaking, Article Submission,
Directory Submission, Forum Posting, etc expert . If you need a person to complete your order very fast then I'm here to do that. I will do it for the very low budget but with great quality.


Contact Me

Skype : shamimporadaha
Number & WhatsApp : +880 1922375185
Email : shamimporadaha@gmail.com
Website : Best SEO Service
Fiverr : Fiverr Profile

Post a Comment