SecurityTubeBeta Watch ... Learn ... Contribute |
 |
 |
 |
 |
 |
  |
|
Tweaking the Adduser_wmic Metasploit Script
In this video Chris John Riley demonstrates how to tweak the Adduse_wmic.rb script for more useful functionality. Borrowing from his blog:
"After taking input from a few interested sources I’ve done some tweaking on the adduser_wmic.rb script. These are only minor changes to the selection process to give the user 3 options on how the payload functions .:
1. Standard mode – The account is created and added to the hardcoded ‘Administrators’ local group
2. Custome mode – The account is created and added to the local group specified by the cust parameter
3. WMIC mode – The account is created and added to the local administrators group regardless of name, based on the SID.
This last option is, as HD pointed out, supported only on Windows XP / 2003 and later systems. However it does offer a larger degree of flexibility by discovering the local administrators account without relying on the name. This can help bypass the language issue, as well as the issue of renamed local groups." You can read the full article on his blog.
You can visit Chris' blog more interesting articles on security and hacking. Thanks go out to Chris for posting this video on SecurityTube! This video is a recommended watch for all Metasploit fans! Enjoy!
"After taking input from a few interested sources I’ve done some tweaking on the adduser_wmic.rb script. These are only minor changes to the selection process to give the user 3 options on how the payload functions .:
1. Standard mode – The account is created and added to the hardcoded ‘Administrators’ local group
2. Custome mode – The account is created and added to the local group specified by the cust parameter
3. WMIC mode – The account is created and added to the local administrators group regardless of name, based on the SID.
This last option is, as HD pointed out, supported only on Windows XP / 2003 and later systems. However it does offer a larger degree of flexibility by discovering the local administrators account without relying on the name. This can help bypass the language issue, as well as the issue of renamed local groups." You can read the full article on his blog.
1. Standard mode – The account is created and added to the hardcoded ‘Administrators’ local group
2. Custome mode – The account is created and added to the local group specified by the cust parameter
3. WMIC mode – The account is created and added to the local administrators group regardless of name, based on the SID.
This last option is, as HD pointed out, supported only on Windows XP / 2003 and later systems. However it does offer a larger degree of flexibility by discovering the local administrators account without relying on the name. This can help bypass the language issue, as well as the issue of renamed local groups." You can read the full article on his blog.
You can visit Chris' blog more interesting articles on security and hacking. Thanks go out to Chris for posting this video on SecurityTube! This video is a recommended watch for all Metasploit fans! Enjoy!
Related Videos from: Exploit Demos (13)
 |  |  |  |  | |
You are Viewing this Video Now! | |||||
4532 views | 5548 views | 2111 views | 3449 views | 7022 views |
Author
Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net
©2007 Freak Labs |