Metasploit mailing list archives
Re: Kitrap0d question
From: HD Moore <hdm () metasploit com>
Date: Fri, 29 Jan 2010 12:55:36 -0600
On 1/29/2010 11:22 AM, igor ransack wrote:
It seems even with NT Authority System privileges under both vista and 7 , hashdump ( under priv ) as well as the run hasdump module are still giving me error 87 [ [-] priv_passwd_get_sam_hashes: Operation failed: 87 ] I was wondering if anyone managed to successfully hashdump vs Vista or Windows 7 so far using Metasploit.
Good question - I reproduced this, but have no idea why this is the case. The security permissions on those keys should allow SYSTEM to read them.
N.B :: Migrate to explorer.exe or any kind of migrate as of todays build entirely breaks the session stream. Possibly related but I doubt it.
Migrate has now been fixed -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Kitrap0d question igor ransack (Jan 28)
- Re: Kitrap0d question Pavel Jirout (Jan 29)
- Re: Kitrap0d question igor ransack (Jan 29)
- Re: Kitrap0d question HD Moore (Jan 29)
- Re: Kitrap0d question HD Moore (Jan 29)
- Re: Kitrap0d question igor ransack (Jan 29)
- Re: Kitrap0d question c0lists (Jan 29)
- <Possible follow-ups>
- Re: Kitrap0d question jeffs (Jan 29)
- Re: Kitrap0d question HD Moore (Jan 29)
- Re: Kitrap0d question Pavel Jirout (Jan 29)