Post-Exploitation ๐ฉ CTFs & Labs ๐งช โ Quizzes Introduction To Post-Exploitation Question Answer The post-exploitation techniques you can use will differ based on the operating system running on a target. True
Post-Exploitation Methodology Question Answer Which one of the following post-exploitation phases is typically performed first? Local Enumeration
Question Answer Which one of the following Windows commands can be used to enumerate a list of installed updates in addition to the HotFix URL? wmic qfe get Caption,Description,HotFixID,InstalledOn
Enumerating Users & Groups - Windows Question Answer Which one of the following Windows commands can be used to display the members of the local administrators group? net localgroup administrators The Windows Administrator account is disabled by default unless it is explicitly enabled. True Which one of the following Windows commands can be used to enumerate the privileges of the current user? whoami /priv
Question Answer Which one of the following netstat commands can be used to display a list of all active TCP and UDP connections along with their process IDs (PIDs) in numerical format? netstat -ano
Enumerating Processes & Services Question Answer Which one of the following Windows commands can be used to enumerate the list of running processes and the respective services being used by the processes? wmic service list brief tasklist /SVC What meterpreter command would you typically run to identify the PID of a specific process? pgrep explorer.exe
Automating Windows Local Enumeration Question Answer Local enumeration automation scripts can replace manual local enumeration techniques. False Which one of the following MSF modules can be used to enumerate a list of SMB shares on the target system? windows/gather/enum_shares
Question Answer Which one of the following Linux commands can be used to enumerate the Distribution name and release version on a Linux system? cat /etc/*release
Enumerating Users & Groups - Linux Question Answer Which one of the following Linux commands can be used to display the groups that a specific user is a member of? groups
Question Answer Which one of the following Linux commands can be used to display the primary nameserver that will be used by default? cat /etc/resolv.conf
Enumerating Processes & Cron Jobs | Question | Answer | | -------------------------------------------------------------------------------------------------------------------------- | ------ | --------- | | Which one of the following Linux commands can be used to display only the processes that are running with root privileges? | ps aux | grep root |
Automating Linux Local Enumeration Question Answer Which one of the following commands can be used to display a list of installed shells on a Linux system? cat /etc/shells In addition to automating local enumeration on Linux, the LinEnum script also enumerates a list of installed compilers. True Which one of the following commands can be used to assign executable permissions to a file on Linux? chmod +x script.sh
Setting Up A Web Server With Python Question Answer Which one of the following commands can be used to run the http.server Python module on port 8080? python3 -m http.server 8080
Transferring Files To Windows Targets Question Answer Which one of the following Windows utilities can be used to download files from a remote web server? certutil
Transferring Files To Linux Targets Upgrading Non-Interactive Shells Question Answer Which one of the following Linux commands can be used to upgrade a non-interactive shell to a bash session? python -c 'import pty;pty.spawn("/bin/bash")'
Identifying Windows Privilege Escalation Vulnerabilities Question Answer The PrivescCheck PowerShell script can be used to identify services with weak permissions. True What PowerShell command can be used to bypass the default execution policy when running PowerShell scripts from the Windows command line? powershell Set-ExecutionPolicy Bypass .\script.ps1
Windows Privilege Escalation Question Answer After obtaining user account credentials, what protocols can we use to authenticate with the Windows target? (Select all that apply) WinRM,RDP,SMB
Linux Privilege Escalation - Weak Permissions Question Answer Which one of the following Linux commands can be used to identify files with the write permission applied for all user accounts? find / -not -type l -perm -o+w
Linux Privilege Escalation - SUDO Privileges Question Answer Which one of the following Linux commands can be used to identify commands that can be executed with specific SUDO permissions? sudo -l
April 18, 2025 April 18, 2025