Metasploit mailing list archives
Re priv_passwd_get_sam_hashes: Operation failed: 87
From: egypt at metasploit.com (egypt at metasploit.com)
Date: Mon, 2 Mar 2009 08:53:49 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The priv extension is loaded automatically if the exploit advertises that it gives privileges, as is the case with all of the exploits under windows/smb/ and windows/dcerpc/. (This behavior has been around since subversion revision 5427, before the 3.2 release.) Some exploits give privileges even though they don't say they do. For example, if a user running as administrator connects to metasploit with a vulnerable version of IE, the session will have administrator privileges. In this example, it doesn't make sense to mark all browser exploits as granting privs, because not all users run their browser as administrator. Hope this helped, egypt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: http://getfiregpg.org iEYEARECAAYFAkmsAPwACgkQABHabZqEWJ1nRwCfQq04cLumfJSHQmKoONG45/uc ackAnjNhVGngkiXkqv+ueZyuIiECw1lY =Srz5 -----END PGP SIGNATURE----- On Mon, Mar 2, 2009 at 6:13 AM, <wullie19 at ntlworld.com> wrote:
Have you tried to use the hashdump without loading the priv extension? Dont know about you guys but when I use the meterpreter the priv extension is already loaded and I can use the hashdump function as soon as ive got the meterpreter prompt. -rogue _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
Current thread:
- Re priv_passwd_get_sam_hashes: Operation failed: 87 wullie19 at ntlworld.com (Mar 02)
- Re priv_passwd_get_sam_hashes: Operation failed: 87 egypt at metasploit.com (Mar 02)