Windows machine remote control web service and API

2020-07-15

Description

This tool enables remote control of any computer. It was developed for a friend in need of controling his sons gaming.

Pre-requisites

To install this tool you need to have the user rights to place folders on the remote machine.
To operate the tool towards a remote machine you need to have a user account that may use the remote machine. This is a built in integrity feature I implemented since it would be to much of a hacker tool otherwise.

Installation

To enable this utility:

Download WindowsRemoteCommandRunner.zip file.
Unzip it in a folder on the remote machine you want to control.
Make sure the start.cmd file is executed at login. This may be done by for example:
- Running it by placing a shortcut to it in the Autostart folder
- Starting Regedit.exe and adding an entry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- Registering the execution as a Windows Service (google for instructions)

Usage

There are a few ways of using this utility.

This utility require a Windows login for the computer you attempt to control for basic integrity purposes.

Web page use

Directing a web browser to port 5000 of the default url of the remote machine will produce the screen below:

screenshot — *Screenshot (never mind the URL from development)*

This web page works well for intended purposes. You may lock or shutdown the remote computer. You can also send custom Windows CLU commands.

Prepared command

A request to http://remotemachinenameorip:port/api/WindowsCommand without any extra parameter will try to find if there is a file called 'cmd.txt' in the execution folder and try to execute the command in that file line by line.

This approach is included to enable a browser shortcut/favorite for easy access.

REST services

This is more advanced usage. There are a few options here. For short and simple commands you may use the HTTP GET parameters approach that is available from any browser but for more advanced stuff the HTTP POST one probably is easier.

HTTP GET with paramete

If you provide a 'cmd' parameter for the URL it will be treated as a command. Remeber to URL encode the string. E.g.:

        
        http://remotemachinenameorip:5000/api/WindowsCommand?cmd=shutdown%20/n

The URL with the parameter above will send the 'shutdown /n' command, sending a signal to shutdown the computer. The %20 is the URL encoded space character. In other words, anything after '?cmd=' will be interpreted as a command to execute and the execution text feedback will be presented in the output pane.

The GET method is the default from any web browser. This makes this accessible from any web browser by just setting the URL of the browser to the service API and provide the command as a URL parameter.

HTTP POST

The body of anything you post to http://remotemachinenameorip:5000/api/WindowsCommand will be treated as a command. If there are several lines in the request body each line will be executed in sequence.

E.g. to lock computer screen:

        
        curl -d 'rundll32.exe user32.dll,LockWorkStation' -H 'Content-Type: text/plain' https://remotemachinenameorip:5000/api/WindowsCommand

Pre-set command

Any HTTP GET request to the default API endpoint without parameters will make the service look for a file named 'cmd.txt' in the same folder it is executed from and if that file is found each line in that file will be executed in sequence.