Once we have a shell on the machine, we will pilfer information from it. First, we will check what privilege level we are at. We want to be at the system privilege level so that we can access the data without problems. We need to interact with our shell, so press Enter in the Kali window and enter sessions -i 1 to access the session. Once you are in the session, enter getuid. An example of this is shown in the following screenshot:
As the previous screenshot shows, we are not at the system privilege level, so we want to fix that now. Enter ps to display the running processes on the victim machine. We will find a process that runs at the system privilege level. A sample of the victim machine of our example is shown in the following screenshot:
As the previous screenshot shows, we have several processes to choose from. We will attempt to migrate to the process Mcshield.exe. To do this, we enter migrate 1960 and wait to see whether our process is successful. If we...