metasploit-gs/documentation/modules/post/windows/gather/resolve_sid.md at 3da170a43c7f288fe9bc88fe325da488733acac3

adam/metasploit-gs

Fork 0

Files

T

bcoles 5a57ea131e resolve_sid: Add docs and resolve RuboCop violations

2023-04-23 17:39:32 +10:00

829 B

Raw Blame History

Vulnerable Application

This module prints information about a given SID from the perspective of this session.

Verification Steps

Start msfconsole
Get a session on a Windows host
Do: use post/windows/gather/resolve_sid
Do: set session [#]
Do: run
You should receive user SID information

Options

SID

SID to lookup.

SYSTEM_NAME

Where to search. If undefined, first local then trusted DCs.

Scenarios

Windows 2008 SP1 DC

msf6 > use post/windows/gather/resolve_sid
msf6 post(windows/gather/resolve_sid) > set sid S-1-5-32-544
sid => S-1-5-32-544
msf6 post(windows/gather/resolve_sid) > set session 1
session => 1
msf6 post(windows/gather/resolve_sid) > run

[*] SID Type: alias
[*] Name:     Administrators
[*] Domain:   BUILTIN
[*] Post module execution completed

829 B Raw Blame History

Vulnerable Application

Verification Steps

Options

SID

SYSTEM_NAME

Scenarios

Windows 2008 SP1 DC

829 B

Raw Blame History