The Admin’s Arsenal: lsgrab.exe

Several months ago I found myself with a unique need; I needed to take screenshots of a remote machine at specified times during the day (don’t ask, it’s a long story filled with management douchebaggery). I did quite a bit of searching, and eventually settled on lsgrab.exe by Geert Moernaut (I’m pretty sure this guy is responsible for Lansweeper, which El Di Pablo recently reviewed).

This little gem is a console application designed to do one thing: take screenshots of remote computers.

There are a few caveats (but it filled the need I had):

It is NOT free. It is donation ware, the author requests a €5 donation (about $9 USD), however this is not stated anywhere before you download it (it’s in the readme file in the .zip download).
You must have administrative permissions on the target computer.
Someone must be logged on to the target computer.
Works on Windows 2000, Windows 2003, XP (I haven’t tested it on Vista or 2008 yet).

Since it’s a console app I just copied it into the C:\Windows directory on my workstation, and then wrote a script to use it to take timestamped screenshots. Worked great. I’m not sure what other uses I might find for it, but for the $9 buy in, it is definitely something I will drop into my bag of tricks.

You can download lsgrab.exe here

This entry was posted by Joe Glessner on August 11, 2008 at 12:00 am, and is filled under Admin's Arsenal, Free Download. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site.

Comments (6)

#1 written by Johnny Admins
August 11, 2008 - 12:07 pm

Quote

Don’t you hate corporate Douche-Baggery? I sure do! Hehehe great article.

Click to Reply to This Comment.
Joe Glessner Reply:
August 11th, 2008 at 1:07 pm
Ugh, it drives me nuts! I mean c’mon, aren’t we all adults here? Can’t we just act like it? Some days I feel like Dad constantly telling the “kids” to behave :)

Click to Reply to This Comment.
Karl L. Gechlik | AskTheAdmin.com Reply:
August 11th, 2008 at 1:11 pm
You and me both buddy. The stories I could tell… The lives I can shatter with a few lines from our proxy server’s log.

I wish corporate would stick by its rules instead of heading up black op’s!

Click to Reply to This Comment.
#2 written by El Di Pablo
August 11, 2008 - 3:48 pm

Quote

For remote screen shots, I have used “Screen Grabber”

http://www.bauer-power.net/2008/01/take-screenshot-remotely.html

I hate douchebaggery as well!

I just had a secret agent mission myself recently where I had to secretly search a remote laptop for files containing certain key words. I felt like such an A-Hole doing it, but hey, its a living.

Click to Reply to This Comment.
Karl L. Gechlik | AskTheAdmin.com Reply:
August 11th, 2008 at 8:57 pm
Not only is it a living its a hard market to find work in!

Click to Reply to This Comment.
#3 written by Mike R.
August 12, 2008 - 9:24 am

Quote

This is a great tool and a great article. I love seeing these real world examples Joe. Please keep them coming.

I look forward to my ata updates everyday. Do you have a best of feed?

Click to Reply to This Comment.
#4 written by Russ G.
August 12, 2008 - 6:25 pm

Quote

I agree, it’s a great tool. I would be interested in how you timestapped your screenshots. Can you please supply your script?

cheers

Click to Reply to This Comment.
#5 written by Joe Glessner
August 13, 2008 - 1:18 pm

Quote

Sure, you can view the script I used here: http://joe-it.com/vbs_lsgrabremote.html

Click to Reply to This Comment.
Karl L. Gechlik | AskTheAdmin.com Reply:
August 13th, 2008 at 2:17 pm
Thanks Joe and that is my first glimpse of your site. I laughed my ass off on the 404 error.

It’s all fun and games until someone looses an eye (or a webmaster and a eye in this case)

Click to Reply to This Comment.
Joe Glessner Reply:
August 13th, 2008 at 2:37 pm
Thanks, that site is something that I’ve been working on for like 2 years lol. I just can’t seem to find the time to get it complete. It started out as an internal site at my last job, something for the guys to have a good laugh over and still be able to find things.

Then I got onto this “everything has to be html and css” kick, and well you see where it’s gotten me.

One of these days I’ll find the time to go through and fix all those broken links, and maybe even get all my content converted over from the old site. Then again I may just switch web hosting to slicehost, and install wordpress, I kinda like not having to write pages in html… :)

Click to Reply to This Comment.
Russ G. Reply:
August 14th, 2008 at 4:03 am
Thanks very much Joe. That is a nice template.

Click to Reply to This Comment.
#6 written by Espi
September 21, 2008 - 10:32 pm

Quote

Hi.
Its a nice toy.
But Mcafee (.dat of september 2008) says that it contain a troyan called “Generic PWS.y”.
This troyan is a key logger (and other things).

Its a false positive?
Anybody can confirm this?

Regards

Click to Reply to This Comment.
Karl L. Gechlik | AskTheAdmin.com Reply:
September 22nd, 2008 at 11:37 am
I just downloaded and rescanned – looks clean as a bell to me. Anyone else seeing virus warnings?

Click to Reply to This Comment.