Getting Meterpreter and ms16_032_secondary_logon_handle_privesc working

Hi all,
I’m going through the old boxes learning as much as i can. Have just rooted Optimum using PowerShell, now having a go with Meterpreter.

I’ve followed ipsec, and the official guide to use ms016_32, but just can seem to get the priv esc shell working.

Have used xploit/windows/http/rejetto_hfs_exec, and made sure i have payload options (windows/x64/meterpreter/reverse_tcp). So 64bit to start with.

Sysinfo shows i’m 64bit meterpreter on 64bit box.

Then i background my shell and use exploit/windows/local/ms16_032_secondary_logon_handle_privesc. Again i make sure i’m using payload options (windows/x64/meterpreter/reverse_tcp).

when i run the exploit i get this:

[] Started reverse TCP handler on 10.10.xx.xx:4445
] Writing payload file, C:\Users\kostas\Desktop\PhOILAQYjuAag.txt…
[] Compressing script contents…
[+] Compressed size: 3640
] Executing exploit script…
[+] Cleaned up C:\Users\kostas\Desktop\PhOILAQYjuAag.txt
[*] Exploit completed, but no session was created.

Any ideas?

Exact same problem. A couple of writeups I’ve looked at had the same issue. MS16-032 makes mention of requiring 2 CPUs in order to work, so maybe something changed in this machine at some point that made MS16-032 stop working.

I can tell you that there’s another exploit that works against this box, and it’s much easier to use than MS16-032.