Metasploit mailing list archives
Re: Incognito Operation failed: 7022
From: troy () defendit com au
Date: Mon, 1 Feb 2010 19:15:33 +1100 (EST)
It's failing to load cmd.exe as a Domain Admin on the client. Therefor not possible to issue the commands.
Can you impersonate the token of a domain admin on a client then issue these commands to add a domain admin to the pdc from the client. NET USER {username} {password} /DOMAIN /ADD NET GROUP "domain admins" {username} /DOMAIN /ADD On Sun, Jan 31, 2010 at 23:04, <troy () defendit com au> wrote:Hi All, At a client site performing pentest. Have local admin/system privs on +40 servers/workstations. Can impersonate delegation tokens of domain users/administrators. However, when I impersonate a Domain Admin delegation token and attempt to load cmd.exe I get the following error: meterpreter > execute -f cmd.exe -H -c -i -t [-] stdapi_sys_process_execute: Operation failed: 7022 This is the same for all hosts with delegation tokens for domain admins. I can load cmd.exe for domain user accounts, and cmd.exe for system privs. Has anybody seen this error? Thanks, Troy _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Incognito Operation failed: 7022 troy (Jan 31)
- Re: Incognito Operation failed: 7022 Terrence (Jan 31)
- Re: Incognito Operation failed: 7022 troy (Feb 01)
- Re: Incognito Operation failed: 7022 Terrence (Jan 31)