Attacking the Domain
An attacker that has gained a foothold on a network using the techniques of Chapter 2 can use Metasploit to expand their influence. Metasploit comes with reconnaissance modules that allow the attacker to determine their user privileges, the domain controller(s), and the account names for the domain administrators. Moreover, Metasploit also has a number of privilege escalation modules that allow the attacker to gain SYSTEM privileges on the host.
With SYSTEM privileges on a system in the Window domain, the attacker can use the Incognito and the Kiwi extensions to Meterpreter to gain domain administrator ...