Privilege Escalation
What are the two types of privilege escalation?
Vertical privilege escalation - when a lower-level user executes code at a higher privilege level than they should have access to
Horizontal privilege escalation - executing code at the same user level, but from a location that should be protected from access
Four ways to obtain root privileges
Crack the password of an admin or root account (should be primary aim)
Take advantage of a vulnerability found in the OS or in an application
Use a tool that will provide you the access you need (e.g. Metasploit)
Social Engineering - easiest method and probably most effective method
What is DLL Hijacking?
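An attack where you replace DLLs in the same application directory with your own malicious version
It works because Windows applications often load external DLLs by name rather than by full path, so Windows has to search for the file and checks the application's own directory early in that search
On macOS, the equivalent technique is DYLIB hijacking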
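A defensive check for the search-order behaviour described above, added here as an example (it is not part of the original notes): it lists DLLs in an application directory whose names also exist in the system directory and reports whether the bytes match the system copy. The function names and the sample directories are assumptions; the sample files are constructed stand-ins, not real DLLs, and some applications legitimately ship their own copies, so a hit is a prompt for review.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def find_shadowing_dlls(app_dir, system_dir):
    """List DLLs in app_dir whose name also exists in system_dir.

    Returns (file name, identical_to_system_copy) tuples. Windows file
    names are case-insensitive, so names are compared lower-cased.
    """
    system = {p.name.lower(): p for p in Path(system_dir).iterdir()
              if p.is_file() and p.suffix.lower() == ".dll"}
    findings = []
    for p in Path(app_dir).iterdir():
        twin = system.get(p.name.lower())
        if p.is_file() and twin is not None:
            findings.append((p.name, sha256_of(p) == sha256_of(twin)))
    return sorted(findings, key=lambda f: f[0].lower())


def demo():
    """Run the audit over constructed stand-in directories (not real DLLs)."""
    with tempfile.TemporaryDirectory() as root:
        system_dir = Path(root, "System32")
        app_dir = Path(root, "ExampleApp")
        system_dir.mkdir()
        app_dir.mkdir()
        for name in ("version.dll", "dwmapi.dll", "kernel32.dll"):
            (system_dir / name).write_bytes(b"system copy of " + name.encode())
        (app_dir / "app.exe").write_bytes(b"constructed placeholder")
        (app_dir / "helper.dll").write_bytes(b"vendor library, no system twin")
        (app_dir / "dwmapi.dll").write_bytes(b"system copy of dwmapi.dll")
        (app_dir / "VERSION.dll").write_bytes(b"different bytes, same name")
        return find_shadowing_dlls(app_dir, system_dir)


if __name__ == "__main__":
    for name, identical in demo():
        status = "matches system copy" if identical else "DIFFERS, review"
        print(f"{name}: {status}")
```

On a real host, point `find_shadowing_dlls` at an installed application's directory and at the Windows system directory, and review any entry whose content differs from the system copy.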
Executing Applications
Simply starting things such as keyloggers, spyware, back doors and crackers
Simply the idea that once you have access to the system, execute at or above your privilege level to accomplish what you need to do
Tools
RemoteExec
PDQ Deploy
Dameware Remote Support