Metasploit and privilege escalation
In this section, we will look at using Metasploit to obtain the highest level of privileges on the target system. Most of the applications we are targeting run on user-level privileges, which provide us with general access but not access to the complete system. However, to obtain system-level access, we need to escalate privileges using vulnerabilities in the target system after gaining access to the system. Let us see how we can achieve system-level access to various types of operating system in the next sections.
Escalating privileges on Windows Server 2008
During a penetration test, we often run into situations where we have limited access, and, when running commands such as hashdump, we might get the following error:
In such cases, if we try achieving system privileges with the getsystem command, we get the following errors:
So, what shall we do in these cases? The answer is to escalate privileges using post-exploitation to achieve the highest level of...
