Tag

Pentesting

Guides, Privilege Escalation, Windows

Windows Privilege Escalation – Insecure GUI Applications

Introduction

Certain applications may be running or may be allowed to run with higher privileges than the current user due to their need to access particular system files or simply due to misconfigurations. Since anything done within the said application will be executed with the privileges of the process, if it allows to perform other actions such as opening a command prompt or running executables those will also be executed with high privileges, therefore allowing to escalate privileges.

Read more
Guides, Linux, Privilege Escalation

Linux Privilege Escalation – Exploiting User-Defined Functions

Introduction

User-Defined Functions in MySQL are used to extend the functionality by adding external code that will work the same as inbuilt functions. Certain versions of MySQL are affected by vulnerabilities that could allow attackers with database root access to execute code in the context of the MySQL process, which is often root, and escalate privileges.

Read more