Privilege Escalation

Now that we have access to the system, we can create a normal user account with limited permissions using the net user command. We’ll create a new user account to demonstrate how to elevate permissions as that user. (You will learn more about this in Chapter 8.)

When we compromise a limited user account, we will run into restrictions that prevent us from executing commands that require administrative-level permissions. By elevating an account’s permissions, we overcome that restriction.

On a Windows XP target machine, we enter the following command:

C:\Documents and Settings\Administrator>net user bob password123 /add

Next, we create a Meterpreter-based payload, payload.exe, copy it to the target XP machine, and run it under ...
