rpc_s_access_denied, very common issue with impacket scripts !

[Spl0itx]

I know there are many topics related to the same issue, I read every single post but there are no solutions fit with my problem.

I have the same problem with wmiexec, smbexec, atexec, dcomexec,

I am testing this on my local Windows 10 pro x64

$ python /usr/share/doc/python-impacket/examples/wmiexec.py [email protected] "whoami"
Impacket v0.9.19 - Copyright 2019 SecureAuth Corporation

Password:
[*] SMBv3.0 dialect used
[-] rpc_s_access_denied

user2 is in administrators group

PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1539/tcp open intellistor-lm

even with some other scripts in Impacket like services.py

user@ubuntu:~/Desktop$ python /usr/share/doc/python-impacket/examples/services.py [email protected] list
Impacket v0.9.19 - Copyright 2019 SecureAuth Corporation

Password:
[-] DCERPC Runtime Error: code: 0x5 - rpc_s_access_denied

Thank you all in advanced

[asolino]

Did you set HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy ?

[awsmhacks]

@Spl0itx it sounds like you are testing on a non-domain joined machine.
As asolino indicated, you'll need to set the key to disable Remote UAC which is a default unless a computer has been joined to a domain.

This article describes the probable situation and how to enable the key. https://support.pdq.com/knowledge-base/1055

A quick check to verify this is indeed the issue is by trying to mount the admin$ share from a different computer.
net use \\IP\ADMIN$ /user:username password
Will throw an error if Remote UAC is still enabled.

[asolino]

Thanks for the extra clarification @awsmhacks. Closing this one since there was no answer.

[nareshmail]

Your user is not have permission , so make this request with admin user. or make reg entry

[fanyibo2009]

remote UAC problem. you can try administrator user.