Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Privilege escalation in win7

From: "Darren Shady" <Darren.Shady () sunh com>
Date: Wed, 5 May 2010 12:11:23 -0600
Yes; Picked an exploit and have a meterpreter session active. - get
system fails on all 4 modes

 

Looks like it times out and causes NTVDM.exe to stop

 

meterpreter > use priv

Loading extension priv...success.

meterpreter > use incognito

Loading extension incognito...success.

meterpreter > sysinfo

Computer: DARREN-PC

OS      : Windows 7 (Build 7600, ).

Arch    : x86

Language: en_US

meterpreter > getsystem

 

[-] Error running command getsystem: Rex::TimeoutError Operation timed
out.

 

meterpreter >

meterpreter >

meterpreter > getsystem

[-] priv_elevate_getsystem: Operation failed: 5

meterpreter >


 

 

       =[ metasploit v3.4.0-dev [core:3.4 api:1.0]

+ -- --=[ 547 exploits - 259 auxiliary

+ -- --=[ 208 payloads - 23 encoders - 8 nops

       =[ svn r9224 updated today (2010.05.05)

 

 

My assumption is this is as expected

 

 

D 

From: framework-bounces () spool metasploit com
[mailto:framework-bounces () spool metasploit com] On Behalf Of Matt
Gardenghi
Sent: Wednesday, May 05, 2010 12:01 PM
To: framework () spool metasploit com
Subject: Re: [framework] Privilege escalation in win7

 

Do you have a meterpreter session?  Getsystem just worked for me (though
I don't know how patched the target really is).

On 5/5/2010 1:58 PM, Darren Shady wrote: 

On a patched win7 system (MS10-015), what other options are available
for privilege escalation?

 

D 

This e-mail and any attachments may be privileged, confidential, and/or
proprietary. If you are not the intended recipient of this email, please
delete it and do not read, distribute, or reproduce it. The unauthorized
use of this e-mail is strictly prohibited. Thank you. 
 
 
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
  

 

This e-mail and any attachments may be privileged, confidential, and/or proprietary. If you are not the intended 
recipient of this email, please delete it and do not read, distribute, or reproduce it. The unauthorized use of this 
e-mail is strictly prohibited. Thank you.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: