Inspiration & Genius – One and the Same

SkullSecurity – Finding Mapped Drives with Meterpreter

Written by Steve Shead on September 1, 2010 Leave a Comment

SkullSecurity » Blog Archive » Finding Mapped Drives with Meterpreter.

Here’s a good one from Skull Security. Since the SYSTEM account isn’t a user, getting mapped drives is a pain. Below is the gist of the conversation, but visit the link above for the details.

Issues:

1) If you are SYSTEM, you won’t have the credentials of the logged in user.

2) The drives are mapped to the user and SYSTEM isn’t a user with mapped drives.

3) The process is the same for finding mapped drives in both Novell and AD.

Workaround:

The procedure for accessing the user’s drives goes like this for the SYSTEM user at the Meterpreter prompt:

1) run migrate explorer.exe (this migrates you to the explorer process and gives you the logged in user’s privileges.)

2) getuid (verify that you are now the user)

3) run get_env (this dumps the environmental variables including the mapped drives)

4) cd <drive letter> (browse the drives at your leisure)

If you know your way around meterpreter you’ll be okay with the above comentary. If not, visit the link at the top of this post – there’s a picture illustrating the commands inside of a meterpreter shell.

Posted in Tech | Tagged , , , , ,

Leave a Reply

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»

Genesis Framework

Genesis Framework for WordPress

Studiopress Themes

Scribble Theme - A Beautiful Frame For Your WordPress Website

Advertisements