Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Incognito Operation failed: 7022

From: troy () defendit com au
Date: Mon, 1 Feb 2010 19:15:33 +1100 (EST)
It's failing to load cmd.exe as a Domain Admin on the client. Therefor not
possible to issue the commands.


Can you impersonate the token of a domain admin on a client then issue
these commands to add a domain admin to the pdc from the client.

NET USER {username} {password} /DOMAIN /ADD
NET GROUP "domain admins" {username} /DOMAIN /ADD



On Sun, Jan 31, 2010 at 23:04,  <troy () defendit com au> wrote:

Hi All,

At a client site performing pentest. Have local admin/system privs on
+40
servers/workstations. Can impersonate delegation tokens of domain
users/administrators. However, when I impersonate a Domain Admin
delegation token and attempt to load cmd.exe I get the following error:

meterpreter > execute -f cmd.exe -H -c -i -t
[-] stdapi_sys_process_execute: Operation failed: 7022

This is the same for all hosts with delegation tokens for domain admins.

I can load cmd.exe for domain user accounts, and cmd.exe for system
privs.

Has anybody seen this error?

Thanks,
Troy

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework






_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: