Privilege Escalation Techniques

By: Alexis Ahmed

Overview of this book

Privilege Escalation Techniques is a detailed guide to privilege escalation techniques and tools for both Windows and Linux systems. This is a one-of-a-kind resource that will deepen your understanding of both platforms and provide detailed, easy-to-follow instructions for your first foray into privilege escalation. The book uses virtual environments that you can download to test and run tools and techniques. After a refresher on gaining access and surveying systems, each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit a target Linux or Windows system. You’ll then get a demonstration on how you can escalate your privileges to the highest level. By the end of this book, you will have gained all the knowledge and skills you need to be able to perform local kernel exploits, escalate privileges through vulnerabilities in services, maintain persistence, and enumerate information from the target such as passwords and password hashes.

Table of Contents (18 chapters)

Section 1: Gaining Access and Local Enumeration
Section 2: Windows Privilege Escalation
Section 3: Linux Privilege Escalation

Kernel exploitation with Metasploit

We can begin the kernel exploitation process by taking a look at how to use kernel exploits with the Metasploit framework. The Metasploit framework offers an automated and modularized solution and streamlines the exploitation process.

For this section, our target system will be the Ubuntu 16.04 virtual machine. As a prerequisite, ensure that you have gained your initial foothold on the system and have a Meterpreter session:

  1. The first step involves scanning the target for potential exploits. For this, we will be using the local_exploit_suggester module. This process was covered in depth in the previous chapter.
  2. We can load the module in Metasploit by running the following command:
    use post/multi/recon/local_exploit_suggester
  3. After loading the module, you will need to set the SESSION option for the module. The SESSION option requires the session ID of your Meterpreter session. This can be done by running the following command:
    set...