The beacon menu can be accessed by right-clicking on the host. The Access menu contains the options shown as follows:
- Dump Hashes: This will run the hashdump command on the beacon as shown below, which dumps the system's NT LAN Manager (NTLM) hashes. It requires elevated privileges:
- Elevate: Cobalt Strike has a few inbuilt exploits for privilege escalation that we can use to gain admin rights. We choose Access | Elevate from the menu, as shown in the following screenshot:
Clicking on this option will open a new window where ...