Home page logo
/

metasploit logo Metasploit mailing list archives

Re: privs module auto-load
From: Richard Miles <richard.k.miles () googlemail com>
Date: Fri, 4 Jun 2010 22:04:02 +0000

Thanks, nice feature. By the way, it do not work on my system (maybe
it's patched).

meterpreter > getuid
Server username: NT AUTHORITY\NETWORK SERVICE
meterpreter > getsystem -t 1
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 2
getsystem -t [-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 3
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 4
[-] priv_elevate_getsystem: Operation failed: 3221225477


There is any other trick on meterpreter to escalate priv?

Thanks

On Fri, Jun 4, 2010 at 3:18 PM, HD Moore <hdm () metasploit com> wrote:
On 6/4/2010 10:09 AM, Richard Miles wrote:
I got confused not. use priv means that you will be changed to SYSTEM
priv when you are admin, righ?

The "use priv" command loads the priv extension into meterpreter. This
provides some additional commands, including "getsystem".

I never seen this getsystem before. I mean, there is not privilege
escalation for normal/restricted users change to SYSTEM on
meterpreter, right?

Thats exactly what it is - it elevates from a normal user to SYSTEM when
possible (kitrap0d) and from an administrative user to SYSTEM otherwise
(required to migrate on newer Windows).

-HD

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]