Tag
This is a vulnerability that manifests itself whenever the path to the executable used for a service is not surrounded by quotes.
This can be exploited to execute an arbitrary binary when the vulnerable service starts, which could allow to escalate privileges to SYSTEM
Read moreLinux-based operating systems, like most systems, have a way of scheduling the launch of programs or scripts based on certain time intervals to help automate recurring tasks. This can often become weaknesses and allow attackers to escalate privileges to root if improperly configured.
This guide will go through the main methods used to exploit scheduled tasks.
Read moreToken impersonation is a technique through which a Windows local administrator could steal another user’s security token in order to impersonate and effectively execute commands as that user.
That are certain privileges in Windows that, if enabled, could lead to an attacker escalating privileges to SYSTEM, through various tools that have been designed to specifically exploit this vulnerability.
Read moreWindows systems and applications often store clear text, encoded or hashed credentials in files, registry keys or in memory.
When gaining initial access to a Windows machine and performing privilege escalation enumeration steps, often passwords can be found through these means and they can be used to further escalate privileges.
Read moreSudo is a Linux utility that allows users to run commands with the privileges of another user, when no arguments are provided, this will execute the command as the root user.
If sudo is not configured correctly, this could allow attackers to escalate their privileges to root.
Read moreThe kernel is a component of the operating system that sits at the core of it, it has complete control over everything that occurs in the system. Because of this, exploiting vulnerabilities in the kernel will pretty much always result in a full system compromise.
Kernel exploits affect a certain version of a kernel or operating system and they are generally executed locally on the target machine in order to escalate privileges to root.
Read moreThe /etc/passwd file is used in Linux operating systems to store user information such as user hashes, groups, home directory and more.
If improper file permissions are used for this file, this could allow attackers to escalate privileges to root.
Read moreThis is a Linux box that involved exploiting the PUT http method to upload a PHP script through which a reverse shell can be obtained, and then using a known vulnerability in the chkrootkit program to escalate to root.
Read morePrivilege escalation is a crucial step in the penetration testing lifecycle, through this checklist I intend to cover all the main vectors used in Windows privilege escalation, and some of my personal notes that I used in previous penetration tests.
Read morePrivilege escalation is a crucial step in the penetration testing lifecycle, through this Checklist I intend to cover all the main vectors used in Linux privilege escalation, and some of my personal notes that I used in previous penetration tests.
Read more