From 8b37fe2f102dc8980e911d5899a21025c87da907 Mon Sep 17 00:00:00 2001 From: wh1te909 Date: Thu, 19 Nov 2020 15:09:17 -0800 Subject: [PATCH] improve recovery cmd --- agent/agent_windows.go | 12 +++++++++--- agent/winagentsvc_windows.go | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/agent/agent_windows.go b/agent/agent_windows.go index f8a4872..8178339 100644 --- a/agent/agent_windows.go +++ b/agent/agent_windows.go @@ -557,9 +557,15 @@ func (a *WindowsAgent) RecoverMesh() { //RecoverCMD runs a shell recovery command func (a *WindowsAgent) RecoverCMD(command string) { - a.Logger.Debugln("Attempting shell recovery on", a.Hostname) - a.Logger.Debugln(command) - _, _ = CMDShell("cmd", []string{}, command, 18000, true) + a.Logger.Infoln("Attempting shell recovery with command:", command) + // call the command with cmd /C so that the parent process is cmd + // and not tacticalrmm.exe so that we don't kill ourself + cmd := exec.Command("cmd.exe") + cmd.SysProcAttr = &windows.SysProcAttr{ + CreationFlags: windows.DETACHED_PROCESS | windows.CREATE_NEW_PROCESS_GROUP, + CmdLine: fmt.Sprintf("cmd.exe /C %s", command), // properly escape in case double quotes are in the command + } + cmd.Start() } func (a *WindowsAgent) LocalSaltCall(saltfunc string, args []string, timeout int) ([]byte, error) { diff --git a/agent/winagentsvc_windows.go b/agent/winagentsvc_windows.go index 591885f..a8dcce8 100644 --- a/agent/winagentsvc_windows.go +++ b/agent/winagentsvc_windows.go @@ -113,7 +113,7 @@ func (a *WindowsAgent) WinAgentSvc() { go a.RecoverMesh() case "command": if cmd, ok := data["cmd"].(string); ok { - go a.RecoverCMD(cmd) + a.RecoverCMD(cmd) } } }