Hi guys, I have a question regarding Metasploit. 

I'm happy with the process for running Metasploit against a remote host and with using the msfpayload function of Metasploit but...

Is it possible to create an executable using Metasploit that will exploit a vulnerabilty on the local machine that is running in the context of a restricted user to raise the priviledges of the user or execute any other payload that is specified such as create an Administrative Account or install a VNC server and connect back to another host?

Maybe i have missed something, but to run a payload that was created with msfpayload it seems to asume that the user/victim already has administrative rights on the target PC.

You're referring to privilege escalation on a machine that you already have some level of access to?  There are a lot of tools you can use for that, but metasploit sure wouldn't be my first choice.  They plan to built it out in the future to do this via the meterpreter tool, but it still doesn't seem to be the best option.  Hell, you could just pick the relevant exploit out of:

http://www.milw0rm.com/local.php

You can use Metasploit's meterpreter payload to either drop the machines NTLM hashes then crack them or upload a local exploit and execute it.

I posted about meterpreter recently on my personal blog.

http://www.ethicalhack3r.co.uk

There's nothing necessarily wrong with your settings, assuming of course that you have the IPs and ports right, but those are specific to your environment, and only you can know those.
What you're looking at here basically is that your exploit failed.  This could be because the system isn't vulnerable to the exploit you're trying.  It also could be a firewall getting in the way.  It's possible the remote system has a firewall that's preventing your payload from connecting back to your station.
I'm assuming your in an environment where you have access to the system your exploiting, so check to see if there's a firewall running, or any other software that might be protecting the system.  Also make sure you're not running a firewall on the local machine.
I'd also double check the exploit your using.  Research it and find out what it's exploiting. Also was there a patch to fix the vulnerability?  If so (and there probably is), has the patch been applied to the system?
BTW, if the problem is firewal/security software related, you might try a different payload, or a different port.  For example, there may be a firewall that only allows outgoing traffic on certain ports.  Outgoing port 4444 is probably blocked in this circumstance.  If the firewall is blocking based on port, then use a port that wouldn't be blocked, like port 80.  Just make sure you aren't running a local web server so port 80 is free.
So to recap:
1. Make sure the system is vulnerable and not patched. (FYI, details on the vulnerability can be found at: http://www.microsoft.com/technet/security/Bulletin/ms06-040.mspx )
2. Check for firewall on the remote system (on the local system too for that matter)
3. Try a common port that isn't likely to be blocked
4.  One more thing, if you really want to see what's happening

Hope this helps.

I think maybe you're wrong about that.  If i remember correctly i dumped the hash with meterpreters hashdump only having usr privs.
That was after i was unsuccessful with pwdump through cmd shell.

d3l0n is right, you have to have admin or system level privileges in order to dump the hashes.