metasploit and Domains
so ive been working with metasploit on normal internal networks at home. Everything works great there. Now ive wanted to go to the next level and see how everything works on a domain. So ive set up a small server at home and a domain to log into. I have a client log onto the server. I connect to this client using meterpreter. etc etc. So till now everything was jolly. Now when i try to take over the root account or system of the computer that ive exploited i cant migrate to the system. I think it has something to do with the fact the im logged onto the server and not the local account. Any idea on how to compromise the local account? Or even better the server that the computer is logged into?
I kno its a lot to read through, but i appreciate the help..
I'm not sure what the difference is between local and server accounts, but i'm guessing the local account is a root account, and the server account is limited, so you will need to escalate your privileges...goto an exploit db and see if you can find anything to help you
well when i exploit a system that is logged onto the server and run the command "ps" in meterpreter, i am able to see the programs that are being run by the user. I can migrate around those with no problem. I see the local system programs too, but when i try to migrate to them i get an error.
thanks for the fast reply tho.
Well privilege escalation, and it depend on the OS YOUR ARE connected to, there are alot of local exploits available for linux and windows ,just analyze few of them and use the right one for your target