Hashdump

[Matt Gardenghi <mtgarden () gmail com>]

Good morning,

I've been fighting with a problem and was hoping that someone would be 
able to assist me.  I've successfully compromised an administrative 
account on a 2003 SP2 box (Domain Admin account).  Using those 
credentials, I executed a meterpreter payload.  I then used 'getsystem' 
to up the privs further before running hashdump.  Hashdump failed.  I 
reran the payload ensuring that the "limited privs" checkbox was 
disabled.  Same failure.

I tried the latest fgdump from a remote location, no luck though.  I 
packed the fgdump and uploaded it to the box and executed it locally.  
That time it got the cache, but not the password list.

Why would this be failing?  It seems as if MS has changed something to 
fight back.  Also, I've been unable to open a shell on the box, once 
I've elevated my privs to system: execute -f cmd.exe -c -t .

Any pointers would be helpful.  Thanks.

Matt
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework