The beacon menu

The beacon menu can be accessed by right-clicking on the host. The Access menu contains the options shown as follows:

  • Dump Hashes: This will run the hashdump command on the beacon as shown below, which dumps the system's NT LAN Manager (NTLM) hashes. It requires elevated privileges:
  • Elevate: Cobalt Strike has a few inbuilt exploits for privilege escalation that we can use to gain admin rights. We choose Access | Elevate from the menu, as shown in the following screenshot:

Clicking on this option will open a new window where ...

Get Hands-On Red Team Tactics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.