search

EmpireProject / Empire

Empire is a PowerShell and Python post-exploitation agent.
http://www.powershellempire.com/
BSD 3-Clause "New" or "Revised" License
7.44k stars 2.82k forks source link

[!] Exception: 'NeedsAdmin' #867

Closed vay3t closed 6 years ago

vay3t commented 6 years ago

Empire Version

[Version] 2.3

OS Information (Linux flavor, Python version)

ubuntu 16.04 LTS x64

Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.

(i run empire with sudo or root) when i use the command: searchmodules i have this problem:

(...)

    Finds generic .DLL hijacking opportunities.

 powershell/privesc/tater

    Tater is a PowerShell implementation of the Hot Potato Windows
    Privilege Escalation exploit from @breenmachine and @foxglovesec.

 powershell/privesc/bypassuac

    Runs a BypassUAC attack to escape from a medium integrity process to a
    high integrity process. This attack was originally discovered by Leo
    Davidson. Empire uses components of MSF's bypassuac injection
    implementation as well as an adapted version of PowerSploit's Invoke--
    Shellcode.ps1 script for backend lifting.

 powershell/management/wdigest_downgrade*

    Sets wdigest on the machine to explicitly use logon credentials.
    Counters kb2871997.

 python/privesc/linux/linux_priv_checker

    This script is intended to be executed locally ona Linux box to
    enumerate basic system info, and search for commonprivilege escalation
    vectors with pure python.

 powershell/collection/file_finder

    Finds sensitive files on the domain.

[!] Exception: 'NeedsAdmin'

Screenshot of error, embedded text output, or Pastebin link to the error

Any additional information

xorrior commented 6 years ago

@vay3t I'm unable to reproduce the exception that you're seeing with the searchmodule command. Can you pull down the latest from the master and try again? I'm not sure where that exception is coming from.

vay3t commented 6 years ago 
root@vay3t-lab:~/Empire# git show
commit c1be55709fdf0ba8c6dffd5ca6374e4c6cbc1cca
Merge: d345aec eaf2f51
Author: Chris Ross <chris@xorrior.com>
Date:   Mon Dec 18 10:39:57 2017 -0500

    Merge pull request #866 from utkusen/master

    Fix for Unicode Error for session_key variable (Issue #821)

I keep having the same error, will it be because I only occupy 512mb of ram? the truth I would like to help, you could try for yourself creating a vps ubuntu 16.04 in digitalocean

xorrior commented 6 years ago

@vay3t So I've tested on ubuntu 16.04 in digitalocean and I could not reproduce the issue you were having. I have no idea what would be causing that.

killswitch-GUI commented 6 years ago

@vay3t do you have custom modules? I have a hunch your missing a field or did some custom edits on a stock module.

vay3t commented 6 years ago

The truth is, no

killswitch-GUI commented 6 years ago

hmm, I don't know what we can do since we cant reproduce. I would say rebuild Empire.

killswitch-GUI commented 6 years ago

I'm going to close this in the meantime, please let me know if a rebuild does not help.