Logfile¶
MRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager. mRemoteNG/mRemoteNG. Jan 06, 2014 Due to the fact that mRemoteNG holds all of the passwords in a reversible encryption (so that it can use it), it is possible to extract them on a per connection basis. To achieve this, we will have mRemoteNG pass the “password” parameter to be “echo”ed in a regular old command prompt.
The mRemoteNG.log is located in the following location:
MSI/Installed version¶
Portable version¶
Crash at Startup¶
Try deleting the
user.config
file. It contains all the user-specific program settings. This file is automatically upgraded between version when new user settings are added.Installed Version¶
Portable Version¶
Crash Information¶
- Provide the Stack Trace from the crash prompt or from the Windows Application Event Log example)
- Check C:UsersAll UsersMicrosoftWindowsWERReport* folders for any reports related to mRemoteNG
- Check %LOCALAPPDATA%CrashDumps for any mRemoteNG.exe.*.dmp files
- Attach the Error Reports, Dumps and mRemoteNG.log to a new Issue
Backup and Recovery¶
By default, your connections file is backed up every time it is saved.These backup files are normal/valid connections file - they have only been renamed to avoid being overwritten.mRemoteNG will save the 10 most recent backups.
Files and Locations¶
Your backup files are located in the same place as your normal connections file.This could be one of three places:
- Normal version: %AppData%mRemoteNG
- Portable version: In the same location as mRemoteNG.exe
- If you have saved your confCons.xml to a custom location, go there.
There are 2 different backup naming schemes:
- confCons.xml.backup is the most recent backup that was taken.
- confCons.xml.YYYYMMDD-HHmmssxxxx.backup is a rolling backup that was moved to a rolling backup file on the date specified in the file name.
Recovering corrupted connections file¶
If you find that your confCons.xml file has corrupted or has lost its data,you will need to revert to a previous version.
- Locate your confCons.xml file
- Find the most recent backup file that appears to have data (>1KB in size).
- Rename or delete the corrupted confCons.xml file.
- Rename the chosen backup file to remove the date stamp and .backup suffix. Unless you set a custom path, your backup file should now be named confCons.xml.
Dell brightness not changing windows 10. Update 2019/06/29: Add ExtApp.xml at the end of this post
Application: Windows Computer Manager
This will let you launch the Windows Computer Management MMC against the selected host. This MMC will let you view event logs, manage users, configure disks, manage services, and a whole bunch more.
- Filename:
C:windowssystem32compmgmt.msc
- Arguments:
/Computer=%Hostname%
Application: Zenmap GUI
Zenmap is a GUI front-end for nmap. This is the standard port-scanning tool in use by anybody who knows the difference. Gives you all sorts of detail you won’t find in the built-in port scanning tool.
- Filename:
C:Program FilesNmapzenmap.exe
- Arguments:
-p 'Quick scan plus' -t %Hostname%
Application: WinSCP
WinSCP is a great, free GUI Secure Copy program.
- Filename:
C:Program FilesWinSCPWinSCP.exe
- Arguments:
scp://%Username%:%Password%@%Hostname%/
Application: FileZilla FTP
Free and open source FTP client for most platforms. - Filename:
C:Program FilesFileZilla FTP Clientfilezilla.exe
- Arguments:
ftp://%Username%:%Password%@%Hostname%
Application: FileZilla SFTP
Same as above, but using the Secure FTP (SFTP) protocol.
- Filename:
C:Program FilesFileZilla FTP Clientfilezilla.exe
- Arguments:
sftp://%Username%:%Password%@%Hostname%
Application: VMware Virtual Infrastructure Client
This is specific to anybody managing a VMware vSphere or ESX environment. This will launch the VI client against the selected host. If the host is an ESX server, it will simply connect to the ESX server. If the host is a Windows machine running vCenter, it will attach to the full vCenter environment.
- Filename:
C:Program FilesVMwareInfrastructureVirtual Infrastructure ClientLauncherVpxClient.exe
- Arguments:
-s %Hostname% -u %Username% -p %Password%
Application: Firefox
I personally don’t like the browser integration in mRemoteNG. It doesn’t allow me to use all of my Firefox plugins. Therefore I just use a an external app to launch websites.
- Filename:
C:Program FilesMozilla Firefoxfirefox.exe
- Arguments:
%Hostname%
Application: Ping
It’s ping, needs no explanation
- Filename:
cmd
- Arguments:
/c ping -t %HostName%
Application: Traceroute
Again, no explanation needed…
- Filename:
cmd
- Arguments:
/c set /P = | tracert %HostName%
Application: Cygwin
What’s better than managing all kinds of remote servers with mRemoteNG? Locally managing with mRemoteNG of course! Just install Cygwin and the mintty.
- Filename:
C:cygwinbinmintty.exe
- Arguments:
-
Application: TOAD
- Filename:
C:Program FilesQuest SoftwareToad for OracleTOAD.exe
- Arguments:
Connect=%Username%/%Password%@%UserField%
I use the UserField for the SIDBUT WATCH OUT they’ve changed the command line syntax between versions (just search within you TOAD Help for command line)
Application: mcgetmac (MC-WOL Homepage)
Description: find the MAC of a PC (useful for MC-WOL - see below)
- Filename:
AppsMC-WOLmcgetmac.bat
- Arguments:
%Hostname%
Download themcgetmac.exe
, put it to mRemoteNG’s subfolder (AppsMC-WOL) and create a mcgetmac.bat with the following 2 lines
Application: Wake-On-LAN (MC-WOL Homepage)
Description: wake up a remote PC over the network (find the MAC by using the mcgetmac.bat from above)
- Filename:
AppsMC-WOLmc-wol.exe
- Arguments:
%MacAddress% /a %Hostname%
Application: Google Chrome
- Filename:
portableGoogleChromePortableGoogleChromePortable.exe
- Arguments:
%HostName%
Application: Internet Explorer
- Filename:
Internet ExplorerIEXPLORE.EXE
- Arguments:
%HostName%
Application: Samba
- Filename:
portableNotepad++PortableNotepad++Portable.exe
- Arguments:
samba%Hostname%_sambaconf.txt
Application: Traceroute
- Filename:
cmd
- Arguments:
/c set /P = | tracert %HostName%
Application: Ping
- Filename:
cmd
- Arguments:
/c ping -t %HostName%
Application: VNC Viewer
- Filename:
portablevncvnc-4_1_2-x86_win32_viewer.exe
- Arguments:
%HostName%
Application: Windows Computer Manager
- Filename:
C:WINDOWSsystem32compmgmt.msc
- Arguments:
/Computer=%HostName%
Application: WinSCP
![Mremoteng Mremoteng](https://www.appsformypc.com/wp-content/uploads/2019/03/mrng.png)
- Filename:
portableWinSCPWinSCP.exe
- Arguments:
scp://%Username%:%Password%@%Hostname%/
Application: Zabbix
- Filename:
/zabbix/search.php?search=%HostName%Arguments:
Application: Zenmap GUI
- Filename:
portableNmapzenmap.exe
- Arguments:
-p 'Quick scan plus' -t %Hostname%
Application: Check Remoteconnection
- Filename:
check_remote.bat
- Arguments:
%HostName%
Application: Configure Samba
- Filename:
configure_Samba.bat
- Arguments:
%HostName% %username% %password%
Sysinternals tools: http://technet.microsoft.com/en-us/sysinternals/default.aspxSYDI: http://sydiproject.com/
Application: [HTTPS] Dell OpenManage [port 1311]
- Filename:
iexplore
- Arguments:
https://%Hostname%:1311
Application: [HTTPS] HP HomePage [2381]
- Filename:
iexplore
- Arguments:
https://%Hostname%:2381
Application: [HTTPS] ILO [81]
- Filename:
iexplore
- Arguments:
https://ilo-%Hostname%:81
Application: [HTTPS] LocalHost [80]
- Filename:
iexplore
- Arguments:
http://%hostname%
Application: [MSC] Compmgmt
- Filename:
compmgmt.msc
- Arguments:
/computer:%hostname%
Application: [MSC] Services
- Filename:
services.msc
- Arguments:
/computer:%hostname%
Application: [TOOL] Inventory with SYDI
- Filename: `cmd
- Arguments:
/k cscript %mremote%scriptssydisydi-server.vbs -wabefghipPqrsu -racdklp -ew -f10 -d -t%hostname%
You need to have MSWORD on your machine (you can also export in xml/html)
Application: [TOOL] Command Prompt (using SysInternals PSEXEC)
- Filename:
cmd
- Arguments:
/k %tools%psexec.exe %hostname% cmd.exe
In my case i added %tools% (system variable)
Application: [TOOL] Files Opened (using SysInternals PSFiLE)
- Filename:
cmd
- Arguments:
/k %tools%psfile.exe %hostname%
Application: [TOOL] Logged-on users (using SysInternals psloggedon.exe)
- Filename:
cmd
- Arguments:
/k %tools%psloggedon.exe %hostname%
Application: Netstat (Listening ports)(using Sysinternals PSEXEC)
- Filename:
cmd
- Arguments:
/k %tools%psexec.exe %hostname% netstat -nab |find /i
Application: Nslookup
- Filename:
cmd
- Arguments:
/K nslookup %hostname%
Application: RDP /Admin (Console Session)
- Filename:
cmd
- Arguments:
/c mstsc /v:%hostname%:3389 /admin
Application: Processes List (Powershell)
- Filename:
powershell
- Arguments:
-noexit Get-wmiobject win32_process -computername %hostname% | Select-Object __server,name,processid,sessionid,vm,ws,description,executablepath,osname,windowsversion,__path | Out-GridView
Application: Shares List (Powershell)
Mremoteng Ppk
- Filename:
powershell
- Arguments:
-noexit Get-WmiObject win32_share -computer %hostname%|sort name|fl
Application: Shutdown GUi
- Filename:
shutdown
- Arguments:
/i /m %hostname%
Mremoteng Exploit
As requested in comment, here is the ExtApp.xml file.