Advanced extended features of Metasploit
Throughout this chapter, we've covered a lot of post exploitation. Let's now cover some of the advanced exploitation features of Metasploit in this section.
Privilege escalation using Metasploit
During the course of a penetration test, we often run into situations where we have limited access and if we run commands such as hashdump, we might get the following error:
In such cases, if we try to get system privileges with the getsystem command, we get the following errors:
So, what shall we do in these cases? The answer is to escalate privileges using post-exploitation to achieve the highest level of access. The following demonstration is conducted over a Windows Server 2008 SP1 operating system, where we used a local exploit to bypass the restrictions and gain complete access to the target:
In the preceding screenshot, we used the exploit/windows/local/ms10_015_kitrap0d exploit to escalate privileges and gain the highest level of access. Let's check the...
