Metasploit mailing list archives
Re: Psexec on W2K8
From: "Adrian Puente Z." <apuente () hackarandas com>
Date: Sat, 21 May 2011 01:19:47 -0500 (CDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In my experience It haven't worked easily so what I did was using the PSexec from sysinternals (http://technet.microsoft.com/en-us/sysinternals/bb897553) and using the Admin credentials (you are gonna need the actual Admin Password not only the hash) I run something like after I've created a payload with msfpaylad. psexec \\Computer -u USER -p PASS -c -f -d msf-payload.exe And create a multihandler in my computer and worked fine. In the case of elevating privileges to system the "getsystem" doesn't worked. What I did was create a task that runs the same payload but with system privs. You can use the at or schtasks but in my case It was a hardened computer and those doesn't worked (not even the Carlos Perez's scripts) so I used a vncinject and created the task by hand using the GUI. I hope this idea helps. Regards, On Fri, 20 May 2011, Flippen, Benoit C wrote:
Anyone have any luck running psexec on a W2K8 box? Using admin credentials, it drops the file, creates the service, etc., but never gets the payload executed. On the remote system, the event logs show an error about interactive services not being allowed in W2K8. Any ideas? I'm sure it's something simple I'm missing. Benoit This email is UNCLASSIFIED _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
- -- Adrián Puente Z.
[www.hackarandas.com] Donde las ideas se dispersan en bytes... "... ruego a mi orgullo que se acompañe siempre de mi prudencia, y si algun dia mi prudencia se echara a volar, que al menos pueda volar junto con mi locura" --Nietzche Huella: FBD6 4C36 2557 C64C 1318 70A8 F561 CB6F 4E40 5AFB http://www.hackarandas.com/apuente_at_hackarandas.com.asc.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAk3XWYcACgkQW2tF/eN2yfbc4wCfQU9ED1rwnu61rqU9rXfrlp16 xqsAn1SLqcbfgfH7tPTxHf/ILkqd0MhI =QQcv -----END PGP SIGNATURE----- _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Pass the hash query TAS (May 20)
- Re: Pass the hash query Jose Selvi (May 20)
- Psexec on W2K8 Flippen, Benoit C (May 20)
- Re: Psexec on W2K8 Duncan Alderson (May 20)
- Re: Psexec on W2K8 Rob Fuller (May 20)
- Re: Psexec on W2K8 Adrian Puente Z. (May 20)
- Psexec on W2K8 Flippen, Benoit C (May 20)
- Re: Pass the hash query Jose Selvi (May 20)