Re: bug in smb_lookupsid.rb

[Robin Wood <robin () digininja org>]

On 12 August 2010 17:08, c0lists <lists () carnal0wnage com> wrote:
> the other thing to try is if you can look up the sids using rpcclient,
> as it may be an issue with some policy set in the domain and not msf.

rpcclient works fine from the same machine as metasploit is on through
port forwarding:

rpcclient -U Administrator localhost
rpcclient $> lookupnames robin
robin S-1-5-21-567647586-1695983328-3510211954-1106 (User: 1)
rpcclient $> lookupsids S-1-5-21-567647586-1695983328-3510211954-1106
S-1-5-21-567647586-1695983328-3510211954-1106 CORPNET\robin (1)

Looks like the config is right. The server is Server 2008 in a default
setup, I installed it, added a couple of users and that is it, nothing
else.

Robin

> On Thu, Aug 12, 2010 at 12:02 PM, HD Moore <hdm () metasploit com> wrote:
> > On 8/12/2010 10:50 AM, Robin Wood wrote:
> > > Still no luck, the details are correct as its my lab and I've just
> > > logged in with them and checked it. 10.1.1.2 is a domain controller
> > > I've pivoted to through meterpreter on 10.1.1.5.
> >
> > Try unsetting SMBDomain, that is the only difference that I can see
> > between smbclient and Metasploit. If that still fails, its likely a case
> > where you can't use lookupsid for some other reason -- however, you
> > should be able to use smb_enumusers.rb
> >
> > -HD
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework