Re priv_passwd_get_sam_hashes: Operation failed: 87

[egypt at metasploit.com (egypt at metasploit.com)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The priv extension is loaded automatically if the exploit advertises
that it gives privileges, as is the case with all of the exploits
under windows/smb/ and windows/dcerpc/.  (This behavior has been
around since subversion revision 5427, before the 3.2 release.)  Some
exploits give privileges even though they don't say they do.  For
example, if a user running as administrator connects to metasploit
with a vulnerable version of IE, the session will have administrator
privileges.  In this example, it doesn't make sense to mark all
browser exploits as granting privs, because not all users run their
browser as administrator.

Hope this helped,
egypt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: http://getfiregpg.org

iEYEARECAAYFAkmsAPwACgkQABHabZqEWJ1nRwCfQq04cLumfJSHQmKoONG45/uc
ackAnjNhVGngkiXkqv+ueZyuIiECw1lY
=Srz5
-----END PGP SIGNATURE-----

On Mon, Mar 2, 2009 at 6:13 AM,  <wullie19 at ntlworld.com> wrote:
> Have you tried to use the hashdump without loading the priv extension?
> Dont know about you guys but when I use the meterpreter the priv extension is
> already loaded and I can use the hashdump function as soon as ive got the
> meterpreter prompt.
>
> -rogue
> _______________________________________________
> http://spool.metasploit.com/mailman/listinfo/framework