Metasploit mailing list archives

Re: token impersonation seems broken


From: John Nash <rootsecurityfreak () gmail com>
Date: Tue, 7 Sep 2010 19:24:24 +0530

I am getting system using getsystem, but I am still unable to impersonate
other users using delegation tokens.

meterpreter > getsystem
...got system (via technique 1).
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter >
meterpreter >
meterpreter > list_tokens -u

Delegation Tokens Available
========================================
EVEREST\Administrator
NT AUTHORITY\LOCAL SERVICE
NT AUTHORITY\NETWORK SERVICE
NT AUTHORITY\SYSTEM

Impersonation Tokens Available
========================================
NT AUTHORITY\ANONYMOUS LOGON

meterpreter > impersonate_token "EVEREST\\Administrator"
[-] User token EVERESTAdministrator not found
meterpreter >
meterpreter > impersonate_token "EVEREST\\Administrator"
[-] User token EVERESTAdministrator not found
meterpreter >
meterpreter >


jn

On Tue, Sep 7, 2010 at 7:16 PM, Terrence <secretpackets () gmail com> wrote:

use privs
getsystem
then try it ;)

Terrence Gareau

I think the Internet is the most dangerous thing invented since the
atomic bomb. ~ John Mellencamp



On Tue, Sep 7, 2010 at 09:44, John Nash <rootsecurityfreak () gmail com>
wrote:
I am using the latest updated version of Metasploit. (v3.4.2-dev svn
r10251 updated today (2010.09.06))
I am trying to impersonate tokens but getting an error ... here is the
dump:

-----------------------------------------------
meterpreter > list_tokens -u
[-] Warning: Not currently running as SYSTEM, not all tokens will be
available
             Call rev2self if primary process token is SYSTEM
Delegation Tokens Available
========================================
EVEREST\Administrator
NT AUTHORITY\LOCAL SERVICE
NT AUTHORITY\NETWORK SERVICE
NT AUTHORITY\SYSTEM
Impersonation Tokens Available
========================================
NT AUTHORITY\ANONYMOUS LOGON

meterpreter > impersonate_token "NT AUTHORITY\\SYSTEM"
[-] Warning: Not currently running as SYSTEM, not all tokens will be
available
             Call rev2self if primary process token is SYSTEM
[-] User token NT AUTHORITYSYSTEM not found
meterpreter >
meterpreter >
meterpreter > getuid
Server username: EVEREST\Administrator
meterpreter >

--------------------------------------------
I am currently admin but wanna become system.
Is there anything I am doing wrong?
jn

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


