What is Empire module category: Management - ANSWER Send emails, Perform RunAs, inject hashes into LSAS, Alter file system MAC times
What is Empire
... [Show More] module category: Persistence - ANSWER Establish persistence via run reg key, logon scripts, system boot, task scheduler
What is Empire module category: Recon - ANSWER Find additional targets via network sweeps
What is Empire module category: Situational Awareness - ANSWER ARP scan, port scan, SMB scan, Reverse DNS lookup, gather domain details
What is Empire module category: Trollsploit - ANSWER "Never gonna give you up, Never gonna let you down"
Empire: What command will change the time in seconds the agents will send a request for more commands back to the listener - ANSWER set DefaultDelay [1-5]
Empire module: code_execution - ANSWER let you run code including Metasploit on the target box
Empire module: collection - ANSWER let you pillage information from the target machine
Empire module: credentials - ANSWER let you plunder usernames, hashes, and passwords from the target
Empire module: exploitation - ANSWER let you exploit additional targets
Empire module: Lateral_movement - ANSWER let you pivot to other target machines
What does Empire attack module "privesc/ask" do - ANSWER pops us a UAC promp and asks user logged in to Windows for permissions to execute a program
With the "(Empire: agents) > " prompt, what empire command can be used to jump into an active session? - ANSWER interact [SessionNameHigh]
On a Windows machine, What command will list members of local admin group - ANSWER net localgroup administrators
On a Windows machine, What command will list local groups - ANSWER net localgroup
On a Windows machine, What command will list local users - ANSWER net user
On a Windows machine, What command will delete a user in the local admin group - ANSWER net localgroup administrators [user_name] /del
On a Windows machine, What command will show all configurations of the built-in Windows firewall - ANSWER netsh advfirewall show allprofiles
On a Windows machine, What command will allow a port inbound on the built-in Windows firewall - ANSWER netsh advfirewall firewall add rule name="[given_name]" dir= in action=allow remoteip=[your_IP_address] protocol=TCP/UDP localport=[port#]
On a Windows machine, What command will change/add a registry key? - ANSWER reg add [keyname] /v [ValueName] /t [type] /d [data] [Show Less]