Metasploit mailing list archives
Win32 net user /add payload
From: hdm at metasploit.com (H D Moore)
Date: Thu, 3 Mar 2005 18:34:41 -0600
Hello,

The win32_adduser payload is actually just a wrapper around the "win32_exec" payload. If you are exploiting any non-English target, the administrator group name has to be changed. The easy way is to just run the command manually with win32_exec:

msf exploit_name(win32_exec) > set CMD "cmd.exe /c net user USER PASS /ADD && net localgroup ADMINGROUP USER /ADD"
msf exploit_name(win32_exec) > exploit

In the future, we may add an option to this payload to specify the language or just the name of the group -- it seems to come up often enough =)

-HD

On Thursday 03 March 2005 18:29, Thomas Schmidt wrote:
> Hi list,
>
> I noticed a problem with the "net user x x /add" payload on a German Win2k SP4. I was able to successfully run some exploits using this payload, thereby creating a new user "test" - but this user was not added to the "Administratoren"-Group (notice the slightly different spelling of the group name on a German W2k box).
>
> Is this a language-specific problem or did I get something wrong? If it is language-specific, how do I change the shellcode?
>
> Regards,
> Thomas
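
For defenders, the thread's point is that the group name in this kind of command line changes with the OS language, so a detection rule keyed on the literal string "Administrators" misses the German "Administratoren" case. The following is an added example, not part of the original messages or of Metasploit: a Python check that flags any command line creating a user and adding it to a local group, whatever the group is called. The function names and sample command lines are constructed for illustration.

```python
import re

# Matches "net user NAME [PASS] /add" and "net localgroup GROUP NAME /add".
# The group is captured but never compared to a fixed string, because its
# name is localized ("Administrators", "Administratoren", ...).
NET = r"(?:^|[\s\\\"])net1?(?:\.exe)?\"?\s+"
USER_ADD = re.compile(NET + r"user\s+(?P<user>\S+)(?:\s+\S+)?\s+/add\b", re.I)
GROUP_ADD = re.compile(
    NET + r"localgroup\s+(?P<group>\"[^\"]+\"|\S+)\s+(?P<user>\S+)\s+/add\b", re.I)

def account_changes(cmdline):
    """Return (created_users, [(group, user), ...]) found in one command line."""
    created, joined = set(), []
    # cmd.exe chains commands with &, && and ||; inspect each part separately.
    for part in re.split(r"\s*(?:&&|\|\||&)\s*", cmdline):
        m = USER_ADD.search(part)
        if m:
            created.add(m.group("user").lower())
        m = GROUP_ADD.search(part)
        if m:
            joined.append((m.group("group").strip('"'), m.group("user").lower()))
    return created, joined

def flag_create_and_elevate(cmdlines):
    """Flag command lines that create a user and add it to a local group."""
    hits = []
    for line in cmdlines:
        created, joined = account_changes(line)
        for group, user in joined:
            if user in created:
                hits.append((user, group))
    return hits

# Constructed sample process-creation command lines (not from the original post).
SAMPLE = [
    'cmd.exe /c net user test Passw0rd /ADD && net localgroup Administratoren test /ADD',
    'cmd.exe /c net user svc Passw0rd /ADD && net localgroup Administrators svc /ADD',
    'net localgroup Administrators',            # listing members only
    'cmd.exe /c net user test2 Passw0rd /ADD',  # create only, no group change
]

if __name__ == "__main__":
    for user, group in flag_create_and_elevate(SAMPLE):
        print(f"user {user!r} created and added to local group {group!r}")
```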