Nmap Development mailing list archives
Re: psexec failing against XP and seven
From: Brahim Sakka <brahim.sakka () gmail com>
Date: Wed, 25 May 2011 08:11:12 +0100
2011/5/25 Ron <ron () skullsecurity net>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Try: mod.program = 'cmd /c "taskllist.exe /svc"'
Output: *| Tasklist | 'tasklist.exe' is not recognized as an internal or external command, | operable program or batch file. |_ * Still no luck :/
That may or may not work. The issue is that some Windows apps are implemented in a totally insane way. Ron On Wed, 25 May 2011 00:26:25 +0100 Brahim Sakka <brahim.sakka () gmail com> wrote:I've been playing around with the script , modifiying the configuration files and trying the different examples. I'm impressed how this NSE script bypasses the classic psexec's capabilities. However there is a single configuration attempt that did not work as expected: *mod = {}* *mod.upload = false* *mod.name = "Extracting tasklist output"* *mod.program = "tasklist.exe"* *mod.args = "/svc"* *table.insert(modules, mod)* *Starting Nmap 5.51 ( http://nmap.org ) at 2011-05-24 19:30 CET* *PORT STATE SERVICE* *139/tcp open netbios-ssn* *445/tcp open microsoft-ds* * * *Host script results:* *| smb-psexec: * *| Tasklist* *|_* Tried this on a couple of machines. And no tasklist information was returned. Anyone knows a workaround to this? 2011/5/24 Ron <ron () skullsecurity net>-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 24 May 2011 09:52:37 +0100 Brahim Sakka <brahim.sakka () gmail com> wrote:There is a -c switch in the psexec that "copies the program (command) to the target machine before execution". Is there an equivalent for that in Nmap's psexec ?Yes, it's in the configuration file. By default, default.lua is used, but if you look at pwdump.lua you'll see that it uploads. Ron -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk3bpYgACgkQ2t2zxlt4g/RDkACgz9cwkybTD0UcYKRWPzEQKcst nz0An3UxklpT1NoaKMnIOc7ZP1dMdRgV =BFNw -----END PGP SIGNATURE----------BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk3cZRYACgkQ2t2zxlt4g/RWTgCgogArmNWfShYS1Qplv/RkwoXI a4UAn0YLrMlxrqHau1jgNp0FuqG+Otyx =CsZH -----END PGP SIGNATURE-----
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- psexec failing against XP and seven Brahim Sakka (May 23)
- Re: psexec failing against XP and seven DePriest, Jason R. (May 23)
- Re: psexec failing against XP and seven Brahim Sakka (May 24)
- Re: psexec failing against XP and seven Ron (May 24)
- Re: psexec failing against XP and seven Brahim Sakka (May 24)
- Re: psexec failing against XP and seven Ron (May 24)
- Re: psexec failing against XP and seven Brahim Sakka (May 25)
- Re: psexec failing against XP and seven rilian4 rilian4 (May 25)
- Re: psexec failing against XP and seven Brahim Sakka (May 25)
- Re: psexec failing against XP and seven Brahim Sakka (May 30)
- Re: psexec failing against XP and seven Ron (Jun 16)
- Re: psexec failing against XP and seven Brahim Sakka (May 24)
- Re: psexec failing against XP and seven DePriest, Jason R. (May 23)