nerdexam
GIAC

GCIH · Question #694

Which of the following Metasploit module types would contain privilege escalation capabilities?

The correct answer is C. Post. Metasploit's Post modules are post-exploitation modules that run after an initial session has been established. They cover actions such as privilege escalation, credential harvesting, pivoting, persistence, and lateral movement - all activities performed once a foothold exists. A

Vulnerability Exploitation & Privilege Escalation

Question

Which of the following Metasploit module types would contain privilege escalation capabilities?

Options

  • AAuxiliary
  • BExploit
  • CPost
  • DPayload

How the community answered

(35 responses)
  • A
    3% (1)
  • B
    3% (1)
  • C
    86% (30)
  • D
    9% (3)

Explanation

Metasploit's Post modules are post-exploitation modules that run after an initial session has been established. They cover actions such as privilege escalation, credential harvesting, pivoting, persistence, and lateral movement - all activities performed once a foothold exists. Auxiliary modules (A) handle reconnaissance tasks like scanning and fuzzing. Exploit modules (B) are used to leverage a vulnerability and gain the initial session. Payload modules (D) define the code that executes on the target after a successful exploit (e.g., a Meterpreter shell). Because privilege escalation requires an existing session to work from, it belongs in the Post category.

Topics

#Metasploit#post-exploitation modules#privilege escalation#framework architecture

Community Discussion

No community discussion yet for this question.

Full GCIH Practice