Home page logo

metasploit logo Metasploit mailing list archives

Re: Psexec on W2K8
From: "Adrian Puente Z." <apuente () hackarandas com>
Date: Sat, 21 May 2011 01:19:47 -0500 (CDT)

Hash: SHA1

In my experience It haven't worked easily so what I did was using the PSexec from sysinternals 
(http://technet.microsoft.com/en-us/sysinternals/bb897553) and using the Admin credentials (you are gonna need the actual Admin 
Password not only the hash) I run something like after I've created a payload with msfpaylad.

psexec \\Computer -u USER -p PASS -c -f -d msf-payload.exe

And create a multihandler in my computer and worked fine. In the case of elevating privileges to system the "getsystem" 
doesn't worked. What I did was create a task that runs the same payload but with system privs.

You can use the at or schtasks but in my case It was a hardened computer and those doesn't worked (not even the Carlos 
Perez's scripts) so I used a vncinject and created the task by hand using the GUI.

I hope this idea helps.


On Fri, 20 May 2011, Flippen, Benoit C wrote:

Anyone have any luck running psexec on a W2K8 box?

Using admin credentials, it drops the file, creates the service, etc.,
but never gets the payload executed. On the remote system, the event
logs show an error about interactive services not being allowed in W2K8.

Any ideas? I'm sure it's something simple I'm missing.


This email is UNCLASSIFIED

- -- Adrián Puente Z.
Donde las ideas se dispersan en bytes...

"... ruego a mi orgullo que se acompañe siempre de mi prudencia,
y si algun dia mi prudencia se echara a volar, que al menos
pueda volar junto con mi locura"

Huella: FBD6 4C36 2557 C64C 1318  70A8 F561 CB6F 4E40 5AFB

Version: GnuPG v1.4.9 (GNU/Linux)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]