Use PsExec to run commands on user session via qemu guest agent

U

user8923428934

Member
Feb 24, 2022
30
0
11
35
Hi,

I'm trying to execute a script on a vm via the qemu guest agents api exec. However all the commands get executed without a connection the the current user session. so when I for example run powershell via the api it only shows up in task manger as a process but does not show the console on the GUI. Therefore my idea was to run Psexec on the remote machine with the -i flag but still no luck. don't see anything in the GUI

Does anyone have experience with this?

Thanks
 
Hello,

The QEMU Guest Agent is running as NT Authority\SYSTEM which means if you a command e.g., `whoami` you will see that you are running as SYSTEM, which means you run a powershell.exe/notebad.exe, etc.. with high integrity and your user with low/medium integrity.

EDIT: Use Process Explorer to see which integrity level your programs are running at.
 
You must log in or register to reply here.
Top Bottom