Metasploit mailing list archives
Re: Privilege escalation in win7
From: Matt Gardenghi <mtgarden () gmail com>
Date: Wed, 05 May 2010 14:14:29 -0400
Which exploit? Can you successfully execute "run hashdump" and get the admin hash? Will incognito obtain the admin hash? Can you migrate to a different process?
On 5/5/2010 2:11 PM, Darren Shady wrote:
Yes; Picked an exploit and have a meterpreter session active.

-- get system fails on all 4 modes
Looks like it times out and causes NTVDM.exe to stop

meterpreter > use priv
Loading extension priv...success.
meterpreter > use incognito
Loading extension incognito...success.
meterpreter > sysinfo
Computer: DARREN-PC
OS      : Windows 7 (Build 7600, ).
Arch    : x86
Language: en_US
meterpreter > getsystem
[-] Error running command getsystem: Rex::TimeoutError Operation timed out.
meterpreter >
meterpreter >
meterpreter > getsystem
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter >

       =[ metasploit v3.4.0-dev [core:3.4 api:1.0]
+ -- --=[ 547 exploits - 259 auxiliary
+ -- --=[ 208 payloads - 23 encoders - 8 nops
       =[ svn r9224 updated today (2010.05.05)

My assumption is this is as expected

*D*

*From:* framework-bounces () spool metasploit com [mailto:framework-bounces () spool metasploit com] *On Behalf Of *Matt Gardenghi
*Sent:* Wednesday, May 05, 2010 12:01 PM
*To:* framework () spool metasploit com
*Subject:* Re: [framework] Privilege escalation in win7

Do you have a meterpreter session? Getsystem just worked for me (though I don't know how patched the target really is).

On 5/5/2010 1:58 PM, Darren Shady wrote:

On a patched win7 system (MS10-015), what other options are available for privilege escalation?

*D*

This e-mail and any attachments may be privileged, confidential, and/or proprietary. If you are not the intended recipient of this email, please delete it and do not read, distribute, or reproduce it. The unauthorized use of this e-mail is strictly prohibited. Thank you.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Privilege escalation in win7 Darren Shady (May 05)
- Re: Privilege escalation in win7 Matt Gardenghi (May 05)
- Re: Privilege escalation in win7 Darren Shady (May 05)
- Re: Privilege escalation in win7 Matt Gardenghi (May 05)
- Re: Privilege escalation in win7 Darren Shady (May 05)
- Re: Privilege escalation in win7 Matt Gardenghi (May 05)
- Re: Privilege escalation in win7 Matt Gardenghi (May 05)