GIAC Penetration Tester (GPEN) — Question 12

A penetration tester used a client-side browser exploit from metasploit to get an unprivileged shell prompt on the target Windows desktop. The penetration tester then tried using the getsystem command to perform a local privilege escalation which failed. Which of the following could resolve the problem?

Answer options

• A. Load priv module and try getsystem again
• B. Run getuid command, then getpriv command, and try getsystem again
• C. Run getuid command and try getsystem again
• D. Use getprivs command instead of getsystem

Correct answer: B

Explanation

The correct answer is B because running the getuid command first helps to identify the current user privileges, and then using the getpriv command can help to gain the necessary privileges before retrying getsystem. Options A and D do not address the need to check current privileges, while option C skips the essential step of checking and elevating privileges.