AnsweredAssumed Answered

Help with getsystem/priv escalation

Question asked by alta ho on Apr 18, 2017
Latest reply on May 25, 2017 by Aman Agrawal

Hi,

 

I am trying to use getsystem on a  Windows XP (Build 2600, Service Pack 1) test device and get the following:

 

meterpreter > getsystem

[-] priv_elevate_getsystem: Operation failed: Access is denied. The following was attempted:

[-] Named Pipe Impersonation (In Memory/Admin)

[-] Named Pipe Impersonation (Dropper/Admin)

[-] Token Duplication (In Memory/Admin)

 

meterpreter > getuid

Server username: test2\IWAM_TEST2

 

meterpreter > sysinfo

Computer        : TEST2

OS              : Windows XP (Build 2600, Service Pack 1).

Architecture    : x86

System Language : en_US

Domain          : WORKGROUP

Logged On Users : 5

Meterpreter     : x86/win32

 

After reading the blog posts I then tried migrating to  explorer.exe but got the insufficient privileges error:

 

3844  2452  explorer.exe

 

meterpreter > migrate 3844

[*] Migrating from 400 to 3844...

[-] Error running command migrate: Rex::RuntimeError Cannot migrate into this process (insufficient privileges)

 

Any suggestions to try from here please?

Outcomes