Metasploit mailing list archives
Re: Bug?: Timestomp doesn't work on Win7 32bit host
From: ricky-lee birtles <mr.r.birtles () gmail com>
Date: Mon, 3 Jan 2011 11:53:50 +0000
Afternoon Brian, Sorry for the short reply last time. I was using my mobile and the weather is not really too kind when your using a touch screen. Since you tried as system I can't see this idea really helping much but what process are you running as? Try migrating to a system process as well as using getsystem. I will state this is all guess work though. Regards, -- Mr R Birtles On 3 January 2011 00:40, Brian <briaar () gmail com> wrote:
Hi Ricky, It still fails even running as system:meterpreter > getsystem ...got system (via technique 1). meterpreter > timestomp c:\\raw.dll -f c:\\windows\\notepad.exe [*] Setting MACE attributes on c:\raw.dll from c:\windows\notepad.exe [-] priv_fs_set_file_mace_from_file: Operation failed: Access is denied. meterpreter >-Brian On Sun, Jan 2, 2011 at 5:25 PM, ricky-lee birtles <mr.r.birtles () gmail com> wrote:Try running it as system On 3 Jan 2011 00:16, "Brian" <briaar () gmail com> wrote:Test host is a fresh Win7 32bit install. meterpreter > getuid Server username: WIN7\Administrator meterpreter > timestomp c:\\raw.dll -f c:\\windows\\notepad.exe [*] Setting MACE attributes on c:\raw.dll from c:\windows\notepad.exe [-] priv_fs_set_file_mace_from_file: Operation failed: Access is denied. meterpreter > getsystem ...got system (via technique 1). meterpreter > timestomp c:\\raw.dll -f c:\\windows\\notepad.exe [*] Setting MACE attributes on c:\raw.dll from c:\windows\notepad.exe [-] priv_fs_set_file_mace_from_file: Operation failed: Access is denied. meterpreter > I've also noticed meterpreter scripts that call "priv_fs_set_file_mace_from_file" also fail. Scripts error: Error changing MACE: Rex::Post::Meterpreter::RequestError priv_fs_set_file_mace_from_file: Operation failed: Access is denied. Any thoughts? Cheers, -Brian
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Bug?: Timestomp doesn't work on Win7 32bit host Brian (Jan 02)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host ricky-lee birtles (Jan 02)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host Brian (Jan 02)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host ricky-lee birtles (Jan 03)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host Carlos Perez (Jan 03)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host Brian (Jan 02)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host Carlos Perez (Jan 03)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host Brian (Jan 03)
- Re: Bug?: Timestomp doesn't work on Win7 32bit host ricky-lee birtles (Jan 02)