rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Why psexec shows UnexpectedStatusCode? #11115

Closed agrawalsmart7 closed 4 years ago

agrawalsmart7 commented 5 years ago

Hi,

I don't understand why psexec shows this error:

    [*] Started reverse TCP handler on 192.168.0.2:4444
    [*] 192.168.0.6:445 - Connecting to the server...
    [*] 192.168.0.6:445 - Authenticating to 192.168.0.6:445|januapp.local as user 'Administrator'...
    [-] 192.168.0.6:445 - Exploit failed: RubySMB::Error::UnexpectedStatusCode STATUS_USER_SESSION_DELETED
    [*] Exploit completed, but no session was created.

In many posts, I saw people getting a shell easily, but I can't because of this error.

Can anyone guide me on this?

busterb commented 5 years ago

Probably similar issue as this, google around for STATUS_USER_SESSION_DELETED. You'll have to say more about your environment to really be sure.

https://github.com/SecureAuthCorp/impacket/commit/dc4606822e489e62d276bc3c928af31cd860f4a0

busterb commented 5 years ago

Just on a lark, have you tried setting your max SMB version from 3.0 to 2.0 on your target host?

agrawalsmart7 commented 5 years ago

Hi, just to add something,

I can successfully log in with auxiliary/windows/smb/smb_login, but when I do the same with the psexec exploit I get the same error. And not only this: when the user has admin privileges, it simply executes and I get the shell perfectly. Now,

Does that mean that psexec only works if the user has admin privileges? If yes, then what can we do if one has only user privileges?

Thanks, looking for any reply.

bcoles commented 5 years ago

> Does that mean that psexec only works if the user has admin privileges?

The psexec module only works if the user has admin privileges.

    This module uses a valid administrator username and password (or
    password hash) to execute an arbitrary payload. This module is similar
    to the "psexec" utility provided by SysInternals. This module is now able
    to clean up after itself. The service created by this tool uses a randomly
    chosen name and description.

agrawalsmart7 commented 5 years ago

Okay, thanks for clarifying. Now I want to know if there is any way to log on to the computer and get a meterpreter shell?

[WITHOUT Admin privileges]

agrawalsmart7 commented 5 years ago

And bcoles, here is another issue you may want to see:

https://github.com/gentilkiwi/mimikatz/issues/181

Thanks