/rdpcmd-ruby

Run commands over RDP on a massive number of hosts

Primary language: Ruby. License: MIT.

Rdpcmd

Execute commands on Windows via RDP. This helps if you need to run commands on a large number of hosts. It uses remmina and xdotool to execute the commands.

Installation

Quick installation:

sudo apt-get install xdotool remmina
gem install rdpcmd
remmina # just to generate global secret
rdpcmd --help # you'll find your way further

Add this line to your application's Gemfile:

gem 'rdpcmd'

And then execute:

$ bundle

Or install it yourself as:

$ gem install rdpcmd

Usage

Run whoami on 192.168.1.1 and wait 5 seconds after:

rdpcmd -u user -p password -i 192.168.1.1 -c 'whoami' -x 3

Enable WinRM on 192.168.1.1 and wait 5 seconds for winrm quickconfig to finish before exiting the terminal:

rdpcmd -u user -p password -i 192.168.1.1 -e -c 'winrm quickconfig -quiet -force' -x 5

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/kost/rdpcmd-ruby. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

License

The gem is available as open source under the terms of the MIT License.

Known Limitations

Since it is a proof of concept (PoC), it has some limitations (pull requests are welcome!):

  • You have to match the keyboard layout (or the command you type will differ from what is typed in the RDP session)
  • Don't use it with untrusted input (google 'command injection' and how scary it is)
  • Does not handle errors well (connection failure, wrong credentials, etc.)
  • Will not report if it fails
  • You have to play with timeouts/sleeps if you have a slow network or slow target hosts
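
Because of the untrusted-input limitation above, a wrapper that feeds a host list to rdpcmd should validate every value before it reaches the command line. The following is an added example, not part of the rdpcmd project: the helper names, the command allowlist and the wait range are assumptions, and only the `-u`, `-p`, `-i`, `-c` and `-x` flags come from the Usage section.

```ruby
require 'ipaddr'

# Constructed allowlist: the two commands from the README's Usage section.
ALLOWED_COMMANDS = ['whoami', 'winrm quickconfig -quiet -force'].freeze

class RejectedInput < StandardError; end

# Accept a single IP literal only: no hostnames, CIDR ranges, spaces or option-like text.
def validated_host(raw)
  host = raw.to_s.strip
  raise RejectedInput, "bad host #{raw.inspect}" unless host.match?(/\A[0-9A-Fa-f:.]+\z/)
  IPAddr.new(host).to_s
rescue ArgumentError # IPAddr::Error is a subclass of ArgumentError
  raise RejectedInput, "bad host #{raw.inspect}"
end

# Build the argument vector for one host. The command is typed into the remote
# session as-is, so it is matched against the allowlist instead of being "escaped".
def build_argv(host:, user:, password:, command:, wait:)
  unless ALLOWED_COMMANDS.include?(command)
    raise RejectedInput, "command not allowlisted: #{command.inspect}"
  end
  raise RejectedInput, "bad wait #{wait.inspect}" unless wait.is_a?(Integer) && (1..600).cover?(wait)
  ['rdpcmd', '-u', user, '-p', password, '-i', validated_host(host), '-c', command, '-x', wait.to_s]
end

# Split a host list into runnable argument vectors and rejected entries with a reason.
def plan(hosts, **opts)
  ok, rejected = [], []
  hosts.each do |h|
    ok << build_argv(host: h, **opts)
  rescue RejectedInput => e
    rejected << [h, e.message]
  end
  [ok, rejected]
end

# system with an argument list does not go through /bin/sh, so argv is never shell-parsed locally.
def run(argv)
  system(*argv)
end

if __FILE__ == $PROGRAM_NAME
  hosts = ['192.168.1.1', '192.168.1.2 -e', '192.168.1.0/24'] # constructed sample list
  ok, rejected = plan(hosts, user: 'user', password: 'password', command: 'whoami', wait: 3)
  ok.each { |argv| puts "would run: rdpcmd -i #{argv[6]} -c #{argv[8].inspect}" } # dry run, password not printed
  rejected.each { |h, why| warn "skipped #{h.inspect}: #{why}" }
end
```

The script only prints a dry run; call `run(argv)` on the planned entries to execute them. Since rdpcmd will not report failures, verify the outcome on each host separately.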