Metasploit mailing list archives
Re: domain_list_gen script errors
From: "Sherif Eldeeb" <archeldeeb () gmail com>
Date: Sun, 25 Apr 2010 17:39:33 +0300
Almost there, for some reason the script insists that I'm not a domain admin, which kind of offends me "script is case sensitive? Windows is not :)" also it gives a false positive for a user full of dashes "maybe from the output of the command". meterpreter > run domain_list_gen [*] found users will be saved to /root/.msf3/logs/domain_admins/SHERIFELDEEB_20100425.3335-64667/SHERIFELDEEB _20100425.3335-64667.txt [*] Accounts Found: [*] FOOBAR\--------------------------------------------------------------------- ---------- [*] FOOBAR\Administrator Tmpl [*] FOOBAR\ehaf [*] FOOBAR\Ahmed.Aly [*] FOOBAR\SBS Backup User [*] FOOBAR\SherifEldeeb <---- That's me [-] Current session running as FOOBAR\sherifeldeeb is not running as Domain Admin meterpreter > getuid Server username: FOOBAR\sherifeldeeb meterpreter > Regards, Sherif. -----Original Message----- From: Carlos Perez [mailto:carlos_perez () darkoperator com] Sent: Sunday, April 25, 2010 4:59 PM To: Sherif Eldeeb Cc: <framework () spool metasploit com> Subject: Re: [framework] domain_list_gen script errors Just tested the script with some changes and it should work now with dots, space and underscores. Please test. Cheers, Carlos Perez Sent from My Mobile Phone On Apr 25, 2010, at 1:55 AM, "Sherif Eldeeb" <archeldeeb () gmail com> wrote:
meterpreter > run domain_list_gen [*] found users will be saved to
/root/.msf3/logs/domain_admins/SHERIFELDEEB_20100425.3043-38619/SHERIFELDEEB
_20100425.3043-38619.txt [*] Accounts Found: [*] FOOBAR\Administrator [*] FOOBAR\Tmpl [*] FOOBAR\testAdmin [*] FOOBAR\Ahmed [*] FOOBAR\SBS [*] FOOBAR\Backup [*] FOOBAR\User [*] FOOBAR\SherifEldeeb [-] Current session is not running as Domain Admin meterpreter > ------------------------------------------ C:\Users\sherifeldeeb>net group "Domain Admins" /domain The request will be processed at a domain controller for domain
FOOBAR.COM.
Group name Domain Admins Comment Designated administrators of the domain Members
----------------------------------------------------------------------------
--- Administrator Tmpl testAdmin Ahmed.Aly SBS Backup User SherifEldeeb The command completed successfully. C:\Users\sherifeldeeb> ------------------------------------------ Here's what happened: . User names with spaces are being separated as different users, using
space
as delimiter, . i.e. Single USER:"SBS Backup User" will be identified as three users, USER:"SBS", USER:"BACKUP" and USER:"USER", and single user:"Administrator tmpl" will be identified as two users "Administrator"
&
"tmpl". . Usernames with "DOT" in them "Ahmed.Aly" will be spitted out by their first part only "Ahmed". . And last error, ([-] Current session is not running as Domain Admin) that's not right, the session *is* running as a domain admin. In the meantime, I'll stick to the good old "net group /domain" command to get my token_hunt_user list :) ------------------------------------------ I apologize if I'm becoming noisy or annoying throwing every error I come across to the mailing list, if this is the case, someone just tell me so I'll slow down he rate of me spamming you. Regards, Sherif. _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- domain_list_gen script errors Sherif Eldeeb (Apr 24)
- Re: domain_list_gen script errors Carlos Perez (Apr 25)
- Re: domain_list_gen script errors Carlos Perez (Apr 25)
- Re: domain_list_gen script errors Sherif Eldeeb (Apr 25)
- Re: domain_list_gen script errors Carlos Perez (Apr 25)