Metasploit mailing list archives
Re: meterpreter: incognito: add_group_user --> invalid UTF-8 character
From: Jerome Athias <jerome () netpeas com>
Date: Fri, 10 Dec 2010 16:48:53 +0000
Hi, something was here http://seclists.org/metasploit/2007/q2/246 I think that "Administratoren" is not enough? I should be able to help you off-list but "in a near future" /JA Le 08/12/2010 03:21, Sherif El-Deeb a écrit :
Since you already have access and want only to add your user to the group, after impersonation, drop to a command prompt "execute -f cmd.exe -H -c -i -t", then piping "DSQUERY" to "DSMOD" from the command prompt will help you avoid typing the problematic charachter in the console while doing the trick. another solution would be doing some command line kung-fu _on_the_remote_machine_ , after impersonation, to get the "Domänen-Admins" inside a .txt file or a variable "%domadmin%", then use this information _on_the_remote_machine_ to do whatever you want. Sherif Eldeeb On Wed, Dec 8, 2010 at 12:15 AM, Joerg Trommer <joerg.trommer () freenet de> wrote:Hello, I have a problem using the incognito add_group_user command. I habe a meterpreter session on a windows system, successfully run impersonate_token XXX\\Administrator, I also successfully added the user "hacker" on the DC. As next step I wanted to add this to the Domain Admins group on the DC. Since the DC is a German windows system the Domain Admin group is called "Domänen-Admins". When I try to execute add_group_user "Domänen-Admins" hacker -h xx.xx.xx.xx I get an error message (malformed UTF-8 character) when entering the "ä" character. Can anyone help on this issue ? Thank you. -- Joerg Trommer mailto:joerg.trommer () freenet de _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
-- Bien cordialement, Jérôme Athias VP Software Engineering NETpeas Casablanca www.netpeas.com GSM Maroc: +212 (0)6 65 34 64 54 http://www.linkedin.com/in/jeromeathias "The computer security is an art form. It's the ultimate martial art." ------------------------------------------------------------------------ Ce message ainsi que les pièces jointes est confidentiel et destiné exclusivement à l'usage de la personne à laquelle il est adressé. Il a été contrôlé par les serveurs antivirus de NETpeas et ne contient, à priori, pas de virus mais il est de votre responsabilité de vous en assurer avant son ouverture. Si vous avez reçu ce message par erreur, merci de le retourner à son émetteur. La publication, l'usage, la distribution, l'impression ou la copie non autorisée de ce message et de ses pièces jointes sont strictement interdits. Les opinions exprimées dans cet e-mail sont celles de l'émetteur et ne reflètent pas nécessairement celles de l'entreprise. ------------------------------------------------------------------------
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- meterpreter: incognito: add_group_user --> invalid UTF-8 character Joerg Trommer (Dec 07)
- Re: meterpreter: incognito: add_group_user --> invalid UTF-8 character Sherif El-Deeb (Dec 07)
- Re: meterpreter: incognito: add_group_user --> invalid UTF-8 character Jerome Athias (Dec 10)
- Re: meterpreter: incognito: add_group_user --> invalid UTF-8 character Sherif El-Deeb (Dec 07)