System Exploitation
Internal Vulnerabilities
only possible if local access is somehow obtained first
an effective method of elevating privileges on a target system
Sensitive Data
We may not always obtain administrative permissions
Ex: We successfully downloaded the / etc/shadow
Once we have access to a command prompt, we need to take a bit of time and really explore the server for useful data
Meterpreter
Once we have Meterpreter running, we can explore the exploited system.
It is possible to “jump” from the current user/process into one that is more elevated