Metasploit mailing list archives

Re: privs module auto-load


From: Richard Miles <richard.k.miles () googlemail com>
Date: Fri, 4 Jun 2010 22:04:02 +0000

Thanks, nice feature. By the way, it does not work on my system (maybe
it's patched).

meterpreter > getuid
Server username: NT AUTHORITY\NETWORK SERVICE
meterpreter > getsystem -t 1
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 2
getsystem -t [-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 3
[-] priv_elevate_getsystem: Operation failed: 5
meterpreter > getsystem -t 4
[-] priv_elevate_getsystem: Operation failed: 3221225477


Is there any other trick on meterpreter to escalate priv?

Thanks

On Fri, Jun 4, 2010 at 3:18 PM, HD Moore <hdm () metasploit com> wrote:
> On 6/4/2010 10:09 AM, Richard Miles wrote:
> > I got confused now. use priv means that you will be changed to SYSTEM
> > priv when you are admin, right?
>
> The "use priv" command loads the priv extension into meterpreter. This
> provides some additional commands, including "getsystem".
>
> > I have never seen this getsystem before. I mean, there is no privilege
> > escalation for normal/restricted users to change to SYSTEM on
> > meterpreter, right?
>
> That's exactly what it is - it elevates from a normal user to SYSTEM when
> possible (kitrap0d) and from an administrative user to SYSTEM otherwise
> (required to migrate on newer Windows).
>
> -HD

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework