PT0-002 · Question #624
PT0-002 Question #624: Real Exam Question with Answer & Explanation
The correct answer is C: This host has been exploited previously.. The error message "CertUtil: The file exists" indicates that the file mimikatz.exe is already present on the system. Since Mimikatz is a well-known post-exploitation tool used to extract credentials, its presence suggests that this machine has been compromised before by another a
Question
A penetration tester obtains a reverse shell on a server and attempts to download tools for further exploitation. The penetration tester runs a script and obtains the following output: Which of the following best explains this situation?
Options
- AThis script must be executed multiple times.
- BAntivirus has blocked the use of the certutil command.
- CThis host has been exploited previously.
- DThe file is not available on the penetration tester's staging server.
Explanation
The error message "CertUtil: The file exists" indicates that the file mimikatz.exe is already present on the system. Since Mimikatz is a well-known post-exploitation tool used to extract credentials, its presence suggests that this machine has been compromised before by another attacker or during previous penetration testing activities.
Topics
Community Discussion
No community discussion yet for this question.