Home page logo
/

metasploit logo Metasploit mailing list archives

Re: domain_list_gen script errors
From: Carlos Perez <carlos_perez () darkoperator com>
Date: Sun, 25 Apr 2010 08:49:29 -0400

No bother at all, we thank you for reporting bugs. The error appears to be the regex that parses the output. I will 
look in to it.

Cheers,
Carlos Perez

Sent from My Mobile Phone

On Apr 25, 2010, at 1:55 AM, "Sherif Eldeeb" <archeldeeb () gmail com> wrote:

meterpreter > run domain_list_gen
[*] found users will be saved to
/root/.msf3/logs/domain_admins/SHERIFELDEEB_20100425.3043-38619/SHERIFELDEEB
_20100425.3043-38619.txt
[*] Accounts Found:
[*]     FOOBAR\Administrator
[*]     FOOBAR\Tmpl
[*]     FOOBAR\testAdmin
[*]     FOOBAR\Ahmed
[*]     FOOBAR\SBS
[*]     FOOBAR\Backup
[*]     FOOBAR\User
[*]     FOOBAR\SherifEldeeb
[-] Current session is not running as Domain Admin
meterpreter >

------------------------------------------

C:\Users\sherifeldeeb>net group "Domain Admins" /domain
The request will be processed at a domain controller for domain FOOBAR.COM.

Group name     Domain Admins
Comment        Designated administrators of the domain

Members

----------------------------------------------------------------------------
---
Administrator Tmpl       testAdmin                    Ahmed.Aly
SBS Backup User          SherifEldeeb
The command completed successfully.


C:\Users\sherifeldeeb>

------------------------------------------

Here's what happened:
. User names with spaces are being separated as different users, using space
as delimiter, . i.e. Single USER:"SBS Backup User" will be identified as
three users, USER:"SBS", USER:"BACKUP" and USER:"USER", and single
user:"Administrator tmpl" will be identified as two users "Administrator" &
"tmpl". 
. Usernames with "DOT" in them "Ahmed.Aly" will be spitted out by their
first part only "Ahmed".
. And last error, ([-] Current session is not running as Domain Admin)
that's not right, the session *is* running as a domain admin.

In the meantime, I'll stick to the good old "net group /domain" command to
get my token_hunt_user list :)
------------------------------------------


I apologize if I'm becoming noisy or annoying throwing every error I come
across to the mailing list, if this is the case, someone just tell me so
I'll slow down he rate of me spamming you. 

Regards,
Sherif.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]