Vulnerability & Exploit Database

Back to search

PsExec via Current User Token

This module uploads an executable file to the victim system, creates a share containing that executable, creates a remote service on each target system using a UNC path to that file, and finally starts the service(s). The result is similar to psexec but with the added benefit of using the session's current authentication token instead of having to know a password or hash.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/windows/local/current_user_psexec

Authors

  • egypt <egypt [at] metasploit.com>
  • jabra

References

Targets

  • Universal

Platforms

  • windows

Architectures

  • x86
  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/local/current_user_psexec msf exploit(current_user_psexec) > show targets ...targets... msf exploit(current_user_psexec) > set TARGET <target-id> msf exploit(current_user_psexec) > show options ...show and set options... msf exploit(current_user_psexec) > exploit

Related Vulnerabilities

Related Modules