We have a requirement for the development of a stand-alone command-line utility with PSExec-like ([login to view URL]) functionality. We would prefer that the utility use RemCom ([login to view URL]) for as a reference to speed up the development process.
Another developer has created a fork of the RemCom project ([login to view URL]). We would like for the utility in addition to remote command execution to have the following capabilities (web links with reference source code provided for all functionality required):
* Ability to accept a range of IP addresses from the command-line, or from a file
* Be able to search a remote filesystem for a file or list of files. Download the file(s) if detected on the remote filesystem to a directory named with the hostname of the computer. In this folder along with each downloaded file will also be a file named the hostname of the computer and that will have the MAC address, IP address, Domain Name or Workgroup, and the output of the netstat, route print, arp -a, and systeminfo commands.
* Ability to read/write data over TCP/UDP in manner similar to netcat (<[login to view URL]>) or sbd ([login to view URL])
* Ability to tunnel over both HTTP and HTTPS similar to proxytunnel ([login to view URL])
* Ability to tunnel over ICMP similar to ping tunnel ([login to view URL])
* Ability to tunnel over DNS similar to heyoka ([login to view URL])
* Ability to authenticate via NTLM with a proxy similar to [login to view URL]
* Ability to do pass-the-hash ([login to view URL]), [login to view URL]~jmk/[login to view URL]
We will provide the developer with VPN access to our lab network which will contain Win2K, XP, 2003, win7, 2008 hosts joined to an Active Directory. This tool must work on all of the different operating systems. The developer will be given administrative access to each of the hosts in the network to allow for thorough testing of the tool being developed.