Metasploit mailing list archives
Re: Psexec error
From: Karan Ingle <karan.ingle () gmail com>
Date: Thu, 20 May 2010 13:19:08 +0530
Thanks for the reply Mark. The link was helpful. But unfortunately didnt solve the issue. The following helped me connect using psexec v1.96: "I did patch the resource file (psexecvc.exe) because the service didn't want to load due to the same problem with the OS/Subsystem settings. As a test I attempted to start notepad.exe nothing happened unlike XP which worked, all I could see was psexecvc.exe loaded in the process list. After double check again today it appears that notepad.exe does indeed load but for some reason was invisible to the desktop, perhaps this is to be expected of NT4?? So I tried "psexec.exe c:\winnt\system32\cmd.exe /c notepad.exe" instead which seems to have done the trick. :) As for patching psexec.exe v1.96 find a decent hex editor go to the following locations $120, $128, $2F230, $2F238 and change $05 to $04. " - Richard S. Ref: http://84.45.57.224/psexec-error-on-nt4_topic20629.html I am not that good at editing ruby files so could not patch the msf psexec. QUICK FIX: edit the psexec v1.96 and connect to the target. keep the session active(so PSEXESVC is running on the target). Then run the msf and use the psexec exploit and Njoy!!!! ;) Karan Ingle. On Thu, May 20, 2010 at 7:55 AM, Mark Baggett <lo127001 () gmail com> wrote:
Does this help? http://pauldotcom.com/2009/12/why-your-metasploit-psexec-mod.html Mark Baggett On May 19, 2010, at 8:05 AM, Karan Ingle wrote: Tried using the psexec exploit to connect to a remote windows 2003 server. I kept getting connection refused. so i tried connecting using psexec and got the following error: o:\tools>psexec.exe \\10.64.5.X -u DOMAIN\administrator cmd.exe PsExec v1.95 - Execute processes remotely Copyright (C) 2001-2009 Mark Russinovich Sysinternals - www.sysinternals.com Password: Could not start PsExec service on 10.64.5.204: %1 is not a valid Win32 application. This lead to a trouble-shooting search where i stumbled upon- http://84.45.57.224/psexec-error-on-nt4_topic20629.html PLEASE NOTE: i have administrator(local and domain) access tot he server and all anti-virus/security software are disabled on the target. Aim is to get a meterpreter shell. _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Psexec error Karan Ingle (May 19)
- Re: Psexec error Mark Baggett (May 19)
- Re: Psexec error Karan Ingle (May 20)
- Re: Psexec error Mark Baggett (May 19)