There are some days where I screw things up pretty badly... And yes, the last resort would have been that remote control services I, of course, had left disabled or in manual start mode. Hence, you're pretty much so said; fried. After having lost access to one of my extending Labs remote location due to me being too bad and perhaps rushing things out, I've actually cobbled out a decent way to remotely start/stop mostly any services you'd want to.
The idea here is that in some part of the remote network (where it makes sense should I say) you'll setup some Remote Control services. My choice landed on TeamViewer (thanks guys!!) but there's plenty of such tools available.
Here is what I've done:
- Setup TeamViewer on a remote host, installing it with the default's settings
- Configure a remote connectivity password of our choice within TeamViewer (different than the session password automatically created/updated upon starting TeamViewer, both will work)
- Configure the TeamViewer service to start manually (it defaults to Automatic)
Once we have that, the next item we'll need is a trigger repository of some kind. A web server in our control will do just fine. On there, we will host a simple text file on which we will be able to shift values in order to either Start/Stop our TeamViewer services. For example:
C:\cobbling\teamviewer λ curl http://fqdn/hardcorecobbling/justdoit.txt 0
- We've installed TeamViewer on some remote hosts of interest in case of poor SysOps poo storms.
- We've set a 2nd password which we will always know.
- We've kept TeamViewer from running automatically.
- We've hosted a trigger file on an internet reachable destination.
Now comes the real hardcore cobbling. Below you'll find a slightly edited version of the Windows batch script I've left my box of interests running every two minutes (scheduled using the common Windows Task Scheduler (more on that later)):
@ECHO OFF SETLOCAL ENABLEEXTENSIONS :: script global variables FOR /f %%a IN ('WMIC OS GET LocalDateTime ^| FIND "."') DO SET DTS=%%a SET DateTime=%DTS:~0,8%-%DTS:~8,6% SET me=%~n0 SET parent=%~dp0 SET home=C:\cobbling\teamviewer SET log=C:\cobbling\teamviewer\logs\%me%_%DateTime%_log.txt :: Getting the pill c:\cobbling\wget.exe --quiet -O %home%\justdoit.txt http://fqdn/cobbling/justdoit.txt SET /p tv_status=<%home%\justdoit.txt :: Doing our cobbling if "%tv_status%"=="1" ( CALL :tee "[=== %me% @ %DateTime%% ---> Trigger file is set to ONE ===]" CALL :tee "[=== %me% @ %DateTime%% ---> Starting TeamViewer... ===]" net start TeamViewer CALL :tee "[=== %me% @ %DateTime%% ---> Started TeamViewer successfully... ===]" ) else ( CALL :tee "[=== %me% @ %DateTime%% ---> Trigger file is set to ZERO ===]" CALL :tee "[=== %me% @ %DateTime%% ---> Stopping TeamViewer... ===]" net stop TeamViewer CALL :tee "[=== %me% @ %DateTime%% ---> Stopped TeamViewer successfully... ===]" ) :: Cleaning up a bit CALL :cleanup "[=== %me% @ %DateTime%% ---> Cleaning up older log files... ===]" DEL %home%\justdoit.txt :: kissgoodnight & force execution to quit CALL :tee "[=== %me% @ %DateTime%% ---> ALL JOB DONE! ===]" EXIT /B %ERRORLEVEL% :: a function to write to the log file and stdout :tee ECHO %* >> "%log%" ECHO %* EXIT /B 0 :: a function to clean the log files older than 16 minutes (task is scheduled ti run every 2 minutes) :cleanup ECHO %* >> "%log%" ECHO %* ECHO >%temp%\temp.vbs for each File In CreateObject("Scripting.FileSystemObject").GetFolder("C:\cobbling\teamviewer\logs\").Files ECHO >>%temp%\temp.vbs If DateDiff("n",File.DateCreated,Now) ^> 16 Then File.Delete ECHO >>%temp%\temp.vbs next cscript /nologo %temp%\temp.vbs DEL %temp%\temp.vbs EXIT /B 0
And now we just need to schedule a Window Task Scheduler task running this script at the recurrence of our choice, I've opted for 2 minutes (task XML export below):
<RegistrationInfo> <Date>2021-06-05T09:56:50.5473604</Date> <Author>SUPABOX\obuno</Author> <URI>\TeamViewer_RC</URI> </RegistrationInfo> <Triggers> <TimeTrigger> <Repetition> <Interval>PT2M</Interval> <Duration>P1D</Duration> <StopAtDurationEnd>false</StopAtDurationEnd> </Repetition> <StartBoundary>2021-06-05T10:00:00</StartBoundary> <Enabled>true</Enabled> </TimeTrigger> </Triggers> <Principals> <Principal id="Author"> <UserId>S-load-of-numbers</UserId> <LogonType>Password</LogonType> <RunLevel>HighestAvailable</RunLevel> </Principal> </Principals> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>true</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <DisallowStartOnRemoteAppSession>false</DisallowStartOnRemoteAppSession> <UseUnifiedSchedulingEngine>true</UseUnifiedSchedulingEngine> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>C:\cobbling\teamviewer\tv_logs.cmd</Command> </Exec> </Actions> </Task>
Should I mess things up, I've got now a triggerable remote access possibility. I can go and edit my http://fqdn/cobbling/justdoit.txt file with either 0 to stop TeamViewer or 1 to start it, wait for the task to run, connect via TeamViewer, sort my own mess out not forgetting to reset the trigger file to 0 afterwards.
Security wise, I would avoid the use any fqdn linking back to you. You basically just need a repository somewhere at your control. Furthermore, a WAF like FortiWeb would allow you to restrict access to your trigger file(s) and this from your remote locations edge public IPs uniquely, for example. Finally, the start trigger value can be any value of your choice, 1 being what anyone gifted with half a brain having RW access to the trigger file would probably try next...
One last neat thing with such cobbling is that different trigger file values could wake up different systems in different locations. Something like ATV98733 would start TeamViewer on a host seated in location A while BTV23799 would start TeamViewer on a host seated in location B and so on.
Old school yet ass savin'. Hope you found this post useful.
Image Credits: The Project 941 or Akula, Russian "Акула" ("Shark") class submarine (NATO reporting name: Typhoon) is a type of nuclear-powered ballistic missile submarine deployed by the Soviet Navy in the 1980s. https://astronaffft.artstation.com/projects/A0dmN#top