Home page logo

metasploit logo Metasploit mailing list archives

Re: privs module auto-load
From: Richard Miles <richard.k.miles () googlemail com>
Date: Fri, 4 Jun 2010 22:04:02 +0000

Thanks, nice feature. By the way, it do not work on my system (maybe
it's patched).

meterpreter > getuid
meterpreter > getsystem -t 1
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 2
getsystem -t [-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 3
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 4
[-] priv_elevate_getsystem: Operation failed: 3221225477

There is any other trick on meterpreter to escalate priv?


On Fri, Jun 4, 2010 at 3:18 PM, HD Moore <hdm () metasploit com> wrote:
On 6/4/2010 10:09 AM, Richard Miles wrote:
I got confused not. use priv means that you will be changed to SYSTEM
priv when you are admin, righ?

The "use priv" command loads the priv extension into meterpreter. This
provides some additional commands, including "getsystem".

I never seen this getsystem before. I mean, there is not privilege
escalation for normal/restricted users change to SYSTEM on
meterpreter, right?

Thats exactly what it is - it elevates from a normal user to SYSTEM when
possible (kitrap0d) and from an administrative user to SYSTEM otherwise
(required to migrate on newer Windows).




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]