2Votes | Post Exploitation Questionasked by Alok, 11 years, 9 months ago |
I have a huge network of over 10k computers. I need to test them all for privilege escalation exploits. I dont want to intrude into them. I have access to non admin account on all of them. I need to test that which computers dont have win updates enabled and are vulnerable to kript0d and other privilege escalations. Is there a way i could create meterpreter session without intruding into them ? Psexe seems to be an option but i dont see it using plain txt password. It only takes smb user and pass. The mstsc user,pass when given as input to psexe, dont work. I could just login to each computer and then use some client side, browser auto pwn or something similar but since the number of computers is huge this approach is impractical . Any one can think of a way? |
Kingu on Mon 23 Jul 2012 | |
Meterpreter is always post exploitation - which means your code is running on the victim and hence it is never a non-intrusive way. If you are in meterpreter than you've basically exploited the service entirely.
|
Alok on Mon 23 Jul 2012 | |
you dont really understand my point. My goal is to test for privilege escalation exploits. I can intrude if i have to but since i already have accounts on them there is no point . I need to know how can i get a meterpreter session if i have a rdp login. psexe does not seem to work. or may be i am doing something wrong. Can someone confirm ? |
Alok on Fri 27 Jul 2012 | |
So no one knows anything about it ?
|
beastmode19888 on Thu 23 Aug 2012 | |
Have you tried using Armitage? This will give you a more clear outlook on what possible vulnerabilities may be with using the rdp login for them? I think I understand what your trying to do but for what I don't really follow. So I'm approaching it as if you need to be able to log this information in order to identify which would need the updates for the passwords you have. If that is so you should be doing a password audit. I'm noticing that you have a shell with regular users but want to take it to the next level. I have a video that shows how you can escalate users from normal to admin.
|
hoangthibuoi261994 on Thu 06 Aug 2020 | |
Prevent covid-19 disease by wearing a mask when going out, washing your hands often with soap, cleaning the house to limit the virus. atari breakout |
ashwink2 on Fri 03 Sep 2021 | |
I have to share this important post comment for the people who like play euchre online card game and use their special skills to win. Thank you so much. |
JamesHoward on Fri 20 May 2022 | |
thank you "HandsomeDeviL".. You gave me good search engine . but it is specified that "The 'port' filter is used to narrow the search to specific services. Possible values are: 21, 22, 23 and 80." but i want other than this ports ... especially i want to know the service nessus (8834) hosts which are in public. chinese restaurants nearby
|
sabrina890 on Wed 01 Jun 2022 | |
To run this kind of huge setup you need to make changes to your power supplies to test them for privilege escalation. You can be writing help online for more information if you are still confused about running this setup. |
jeffpierce on Tue 23 Aug 2022 | |
While it is possible to save time You must perform mental workouts to train your brain if you use an agency. Students frequently perceive writing an essay to be a challenging undertaking, particularly when it comes to conducting research and including examples.
|
mikle on Fri 24 Feb 2023 | |
O Cassino Mostbet é o maior do gênero no Brasil. Oferece uma variedade de jogos, incluindo apostas esportivas e jogos de cassino. https://mostbetbrasil.com
|
hasnainayoub7 on Sun 21 May 2023 | |
I need to to thank you for this very good read!! I definitely loved every little bit of it. I have you bookmarked to check out new things you post… Delaware startup packages |
hasnainayoub7 on Mon 29 May 2023 | |
questions like converting the file in any language but with the same look of the text is a concern for some individuals. For that matter Learn https://www.signnow.com/ask/detailed-guide-on-how-to-sign-a-pdf-online-in-signnow for business is the best web to go to. They solve every problem very quickly and their solution work every time. |
hasnainayoub7 on Mon 29 May 2023 | |
I recently discovered airslate.com/workflows/document/pets. And now I'm wondering why I didn't discover this platform earlier. Highly recommended! |
celinedion on Tue 11 Jul 2023 | |
You need to find someone with experience guiding the proper and legal vulnerability testing processes. Mapquest driving directions avoid unauthorized access. |
ayoubkhatri87 on Sun 15 Oct 2023 | |
Wow, What a Excellent post. I really found this to much informatics. It is what i was searching for.I would like to suggest you that please keep sharing such type of info.Thanks internet providers Calgary |
MichealAllanson on Fri 29 Dec 2023 | |
It is a great website.. The Design looks very good.. Keep working like that!. internet providers Mississauga |
mikle on Sun 25 Feb 2024 | |
EssayPro operates as a bridge between students seeking academic assistance and professional essay writers https://essaypro.com/essays-for-sale . Through its online platform, students can post their essay requirements, and EssayPro matches them with suitable writers based on their expertise and availability.
|
ryanrobbie on Wed 20 Mar 2024 | |
I just want to give you a huge thumbs up for the great information you've added to this post. I will be back to your blog site soon for more mapquest driving directions
|
dany66 on Sat 27 Apr 2024 | |
Take the Home Depot customer survey at https://homedepotcomsurvey.website/ to share your opinion about your recent visit to one of their stores. Get a $5000 gift card for free as a token of appreciation for participating. Your feedback will help the company improve its services.
|