Home page logo
/

metasploit logo Metasploit mailing list archives

Re: domain_list_gen script errors
From: Carlos Perez <carlos_perez () darkoperator com>
Date: Sun, 25 Apr 2010 09:58:34 -0400

Just tested the script with some changes and it should work now with dots, space and underscores. Please test.

Cheers,
Carlos Perez

Sent from My Mobile Phone

On Apr 25, 2010, at 1:55 AM, "Sherif Eldeeb" <archeldeeb () gmail com> wrote:

meterpreter > run domain_list_gen
[*] found users will be saved to
/root/.msf3/logs/domain_admins/SHERIFELDEEB_20100425.3043-38619/SHERIFELDEEB
_20100425.3043-38619.txt
[*] Accounts Found:
[*]     FOOBAR\Administrator
[*]     FOOBAR\Tmpl
[*]     FOOBAR\testAdmin
[*]     FOOBAR\Ahmed
[*]     FOOBAR\SBS
[*]     FOOBAR\Backup
[*]     FOOBAR\User
[*]     FOOBAR\SherifEldeeb
[-] Current session is not running as Domain Admin
meterpreter >

------------------------------------------

C:\Users\sherifeldeeb>net group "Domain Admins" /domain
The request will be processed at a domain controller for domain FOOBAR.COM.

Group name     Domain Admins
Comment        Designated administrators of the domain

Members

----------------------------------------------------------------------------
---
Administrator Tmpl       testAdmin                    Ahmed.Aly
SBS Backup User          SherifEldeeb
The command completed successfully.


C:\Users\sherifeldeeb>

------------------------------------------

Here's what happened:
. User names with spaces are being separated as different users, using space
as delimiter, . i.e. Single USER:"SBS Backup User" will be identified as
three users, USER:"SBS", USER:"BACKUP" and USER:"USER", and single
user:"Administrator tmpl" will be identified as two users "Administrator" &
"tmpl". 
. Usernames with "DOT" in them "Ahmed.Aly" will be spitted out by their
first part only "Ahmed".
. And last error, ([-] Current session is not running as Domain Admin)
that's not right, the session *is* running as a domain admin.

In the meantime, I'll stick to the good old "net group /domain" command to
get my token_hunt_user list :)
------------------------------------------


I apologize if I'm becoming noisy or annoying throwing every error I come
across to the mailing list, if this is the case, someone just tell me so
I'll slow down he rate of me spamming you. 

Regards,
Sherif.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]