 

.NET - Copying an executable across LAN to another computer, and executing it

Tags: c#, .net, wmi

I'm using .NET, and going crazy trying to find any helpful API that lets me transfer a file across a LAN network (through admin credentials of course) and then execute it on that machine.

I've read some things using WMI, but googling for ".net WMI copy files" or ".net WMI execute files" isn't helping me at all.

Any references would be greatly appreciated.

EDIT

I can't use a third party tool such as PsExec (although it does perfectly what I need). This is because of the license involved with PsExec I cannot distribute it with my application.

Luca Matteis asked Sep 15 '10 14:09


2 Answers

I know it's been years, but ran into this challenge and came across this post (among others) so going to share the solution in case it helps anyone moving forward. It can be used to move any file you want over WMI.

Solution:

1: Convert EXE to Base64

// Requires: using System; using System.IO;
byte[] bytes = File.ReadAllBytes(pathToExe);
string base64String = Convert.ToBase64String(bytes);

2: Echo Base64 to a file over WMI and decode with certutil

// Requires: using System.Management; (reference the System.Management assembly)
ConnectionOptions co = new ConnectionOptions();

// isLocal is a variable indicating whether machine name/IP is local
// (WMI does not accept explicit credentials for local connections)
if (!isLocal) {
    // Verbatim string so the backslash is not parsed as an escape sequence
    co.Username = @"domainOrMachine\accountName";
    co.Password = "password for account";
    co.EnablePrivileges = true;
    co.Impersonation = ImpersonationLevel.Impersonate;
}

// ip is a variable holding the target endpoint
ManagementScope s = new ManagementScope(@"\\" + ip + @"\root\cimv2", co);
s.Connect();

// Bind to the remote Win32_Process class and fetch the input parameters of its Create method
ObjectGetOptions ogo = new ObjectGetOptions();
ManagementClass prog = new ManagementClass(s, new ManagementPath("Win32_Process"), ogo);
ManagementBaseObject mbo = prog.GetMethodParameters("Create");

// base64String is the Base64 text produced in step 1
mbo["CommandLine"] = @"cmd /c ""echo " + base64String + @" > c:\windows\temp\b64_exec.txt && certutil -decode c:\windows\temp\b64_exec.txt c:\windows\temp\b64_exec.exe && c:\windows\temp\b64_exec.exe""";

prog.InvokeMethod("Create", mbo, null);

Now, there are some gotchas that need to be highlighted:

  • The entire command passed can't have a length greater than 8191 characters, the maximum length of a command
  • You can break up the base64 file and send it in multiple chunks - just remember that > pipes to a new file or overwrites an existing file and >> appends or adds to an existing file.
  • You will want to also issue a del command to clean up the base64 file - depending on the room available, you might have to make a second WMI call to invoke that.

In my case, I didn't want to send a full 2MB file 7000 characters at a time, so I created a simple .net downloader that compiled to less than 6KB and got it all into a single statement (as per above.) It downloads my executable and when complete (when I see the file I want, queried over WMI) I just delete it over WMI.

Robert MacMillan answered Nov 12 '22 06:11
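
Seen from the defending side, the command line built in the answer above leaves a recognizable process-creation record, because anything started through Win32_Process.Create runs as a child of WmiPrvSE.exe. The following is an added example, not part of the original answers: it checks constructed events for that pattern, assuming events are already parsed into dicts using the Sysmon Event ID 1 field names ParentImage and CommandLine; the function names and the length threshold are illustrative.

```python
import re

# Indicators for the command line built in the answer above: a process created
# through WMI (child of WmiPrvSE.exe) that echoes base64 to disk, decodes it
# with certutil and runs the result. Field names follow Sysmon Event ID 1.
B64_ECHO = re.compile(r"echo\s+[A-Za-z0-9+/=]{200,}\s*>>?", re.I)  # 200: example threshold
DECODE = re.compile(r"certutil(?:\.exe)?\s+[-/]decode\s+(\S+)\s+(\S+)", re.I)


def indicators(event):
    """Return the names of the indicators that fire for one process event."""
    cmd = event.get("CommandLine", "")
    hits = []
    if event.get("ParentImage", "").lower().endswith("\\wmiprvse.exe"):
        hits.append("wmi_spawned")
    if B64_ECHO.search(cmd):
        hits.append("base64_echo_to_file")
    m = DECODE.search(cmd)
    if m:
        hits.append("certutil_decode")
        decoded = m.group(2).strip('"').lower()
        # The decoded output path appears again later in the same command line.
        if decoded and decoded in cmd[m.end():].lower():
            hits.append("runs_decoded_file")
    return hits


def is_alert(event):
    """Alert on WMI-spawned commands that also stage or decode a payload."""
    hits = indicators(event)
    return "wmi_spawned" in hits and len(hits) >= 2


# Constructed sample events (not real telemetry).
SAMPLES = [
    {"ParentImage": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "CommandLine": 'cmd /c "echo ' + "QUJD" * 100 +
                    r' > c:\windows\temp\b64_exec.txt && certutil -decode'
                    r' c:\windows\temp\b64_exec.txt c:\windows\temp\b64_exec.exe'
                    r' && c:\windows\temp\b64_exec.exe"'},
    {"ParentImage": r"C:\Windows\System32\wbem\WmiPrvSE.exe",
     "CommandLine": "cmd /c ipconfig /all"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"certutil -decode C:\Users\a\cert.b64 C:\Users\a\cert.cer"},
]

if __name__ == "__main__":
    for ev in SAMPLES:
        print(is_alert(ev), indicators(ev))
```

Only the first sample alerts; a plain WMI-launched command and an interactive certutil decode each trip a single indicator and stay below the alert condition.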


I don't think that this is easily achieved. You can however copy the exe with .net. And then (also from .net, with Process.Start) invoke psExec and make it execute the program remotely.

Klaus Byskov Pedersen answered Nov 12 '22 07:11