GIAC Penetration Tester (GPEN) — Question 62

You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the svchost process. After modifying some files to set up a persistent backdoor you realize that you will need to change the modified and access times of the files to ensure that the administrator can't see the changes you made. Which Meterpreter module would you need to load in order to do this?

Answer options

• A. Core
• B. Priv
• C. Stdapi
• D. Browser

Correct answer: D

Explanation

The correct answer is D, as the Browser module in Meterpreter allows for file time manipulation, including modifying the access and modified timestamps. The other options, Core, Priv, and Stdapi, do not specifically provide functionalities for altering file timestamps.