PT0-003 · Question #24
PT0-003 Question #24: Real Exam Question with Answer & Explanation
The correct answer is A: Log off and log on with "hacker".. In the scenario where a penetration tester uses the PrintNightmare exploit to create a new user with administrative privileges but still experiences low-privilege access, the tester should log off and log on with the new "hacker" account to escalate privileges correctly.
Question
During an assessment, a penetration tester manages to get RDP access via a low-privilege user. The tester attempts to escalate privileges by running the following commands: Import-Module .\PrintNightmare.ps1 Invoke-Nightmare -NewUser "hacker" -NewPassword "Password123!" - DriverName "Print" The tester attempts to further enumerate the host with the new administrative privileges by using the runas command. However, the access level is still low. Which of the following actions should the penetration tester take next?
Options
- ALog off and log on with "hacker".
- BAttempt to add another user.
- CBypass the execution policy.
- DAdd a malicious printer driver.
Explanation
In the scenario where a penetration tester uses the PrintNightmare exploit to create a new user with administrative privileges but still experiences low-privilege access, the tester should log off and log on with the new "hacker" account to escalate privileges correctly.
Topics
Community Discussion
No community discussion yet for this question.