PenTest+ PenTest+ Post-Exploitation & Pivoting

Question 1

Which tool is commonly used for maintaining persistent access and post-exploitation activities after initial compromise?

Accepted Answer

Metasploit Meterpreter

Answer

Metasploit Meterpreter provides a powerful in-memory post-exploitation shell with built-in features for persistence, pivoting, and lateral movement.

Question 2

Which command finds SUID binaries on Linux that can be abused for privilege escalation?

Accepted Answer

find / -perm -4000 2>/dev/null

Answer

The find command with -perm -4000 locates SUID binaries that run with elevated privileges and are commonly abused to escalate to root.

Question 3

What does token impersonation allow an attacker to do in a Windows post-exploitation scenario?

Accepted Answer

Assume the identity and privileges of another logged-in user

Answer

Token impersonation steals authentication tokens from other logged-in users to assume their privileges without needing their plaintext password.

Question 4

Which tool is widely used to extract plaintext passwords and NTLM hashes from Windows LSASS memory?

Accepted Answer

Mimikatz

Answer

Mimikatz is the standard tool for dumping plaintext credentials, NTLM hashes, and Kerberos tickets directly from Windows LSASS process memory.

Question 5

What does 'living off the land' (LotL) mean in a post-exploitation context?

Accepted Answer

Using built-in OS tools like PowerShell and WMI to avoid detection

Answer

Living off the land uses legitimate, built-in OS utilities (PowerShell, WMI, certutil) for malicious purposes to blend in and evade security tools.

(PenTest+) CompTIA PenTest+ Certification Practice Test