Book Image

Privilege Escalation Techniques

By : Alexis Ahmed
5 (2)
Book Image

Privilege Escalation Techniques

5 (2)
By: Alexis Ahmed

Overview of this book

Privilege Escalation Techniques is a detailed guide to privilege escalation techniques and tools for both Windows and Linux systems. This is a one-of-a-kind resource that will deepen your understanding of both platforms and provide detailed, easy-to-follow instructions for your first foray into privilege escalation. The book uses virtual environments that you can download to test and run tools and techniques. After a refresher on gaining access and surveying systems, each chapter will feature an exploitation challenge in the form of pre-built virtual machines (VMs). As you progress, you will learn how to enumerate and exploit a target Linux or Windows system. You’ll then get a demonstration on how you can escalate your privileges to the highest level. By the end of this book, you will have gained all the knowledge and skills you need to be able to perform local kernel exploits, escalate privileges through vulnerabilities in services, maintain persistence, and enumerate information from the target such as passwords and password hashes.

Related Content you might be interested in

Current Title:

Small book image
Privilege Escalation Techniques
Alexis Ahmed
Nov, 2021 | 340 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Metasploit Bootcamp
Nipun Jaswal
May, 2017 | 230 pages
Small book image
Metasploit 5.0 for Beginners
Sagar Rahalkar
Apr, 2020 | 246 pages
Table of Contents (18 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Code in Action
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Gaining Access and Local Enumeration
Section 1: Gaining Access and Local Enumeration
Free Chapter
2
Chapter 1: Introduction to Privilege Escalation
Chapter 1: Introduction to Privilege Escalation
What is privilege escalation?
How permissions and privileges are assigned
Understanding the differences between privilege escalation on Windows and Linux
Exploring the types of privilege escalation attack
Summary
3
Chapter 2: Setting Up Our Lab
Chapter 2: Setting Up Our Lab
Technical requirements
Designing our lab
Building our lab
Setting up Kali Linux
Summary
4
Chapter 3: Gaining Access (Exploitation)
Chapter 3: Gaining Access (Exploitation)
Technical requirements
Setting up Metasploit
Information gathering and footprinting
Gaining access
Summary
5
Chapter 4: Performing Local Enumeration
Chapter 4: Performing Local Enumeration
Technical requirements
Understanding the enumeration process
Windows enumeration
Linux enumeration
Summary
6
Section 2: Windows Privilege Escalation
Section 2: Windows Privilege Escalation
7
Chapter 5: Windows Kernel Exploits
Chapter 5: Windows Kernel Exploits
Technical requirements
Understanding kernel exploits
Kernel exploitation with Metasploit
Manual kernel exploitation
Summary
8
Chapter 6: Impersonation Attacks
Chapter 6: Impersonation Attacks
Technical requirements
Understanding Windows access tokens
Enumerating privileges
Token impersonation attacks
Escalating privileges via a Potato attack
Summary
9
Chapter 7: Windows Password Mining
Chapter 7: Windows Password Mining
Technical requirements
What is password mining?
Searching for passwords in files
Searching for passwords in Windows configuration files
Searching for application passwords
Dumping Windows hashes
Cracking Windows hashes
Summary
10
Chapter 8: Exploiting Services
Chapter 8: Exploiting Services
Technical requirements
Exploiting services and misconfigurations
Exploiting unquoted service paths
Exploiting secondary logon
Exploiting weak service permissions
DLL hijacking
Summary
11
Chapter 9: Privilege Escalation through the Windows Registry
Chapter 9: Privilege Escalation through the Windows Registry
Technical requirements
Understanding the Windows Registry
Exploiting Autorun programs
Exploiting the Always Install Elevated feature
Exploiting weak registry permissions
Summary
12
Section 3: Linux Privilege Escalation
Section 3: Linux Privilege Escalation
13
Chapter 10: Linux Kernel Exploits
Chapter 10: Linux Kernel Exploits
Technical requirements
Understanding the Linux kernel
Kernel exploitation with Metasploit
Manual kernel exploitation
Summary
14
Chapter 11: Linux Password Mining
Chapter 11: Linux Password Mining
Technical requirements
What is password mining?
Extracting passwords from memory
Searching for passwords in configuration files
Searching for passwords in history files
Summary
15
Chapter 12: Scheduled Tasks
Chapter 12: Scheduled Tasks
Technical requirements
Introduction to cron jobs
Escalation via cron paths
Escalation via cron wildcards
Escalation via cron file overwrites
Summary
16
Chapter 13: Exploiting SUID Binaries
Chapter 13: Exploiting SUID Binaries
Technical requirements
Introduction to filesystem permissions on Linux
Searching for SUID binaries
Escalation via shared object injection
Summary
Why subscribe?
17
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

What this book covers

Chapter 1, Introduction to Privilege Escalation, introduces you to the privilege escalation process, the various types of privilege escalation attacks, and the differences between privilege escalation on Windows and Linux.

Chapter 2, Setting Up Our Lab, introduces you to the concept of virtualization, how to build your own penetration testing lab, how to set up vulnerable virtual machines, and installing and configuring Kali Linux.

Chapter 3, Gaining Access (Exploitation), focuses on the process of setting up the Metasploit framework, performing information gathering with Nmap, identifying vulnerabilities, and exploiting them to gain access to a system.

Chapter 4, Performing Local Enumeration, covers the process of enumerating information from Windows and Linux systems manually and automatically.

Chapter 5, Windows Kernel Exploits, explores the process of performing kernel exploitation manually and automatically with Metasploit in order to elevate your privileges.

Chapter 6, Impersonation Attacks, explains how Windows access tokens work, outlines the process of enumerating privileges, explains token impersonation attacks, and covers the process of elevating your privileges via the Rotten Potato attack.

Chapter 7, Windows Password Mining, explores the process of searching for passwords in files and Windows configuration files, searching for application passwords, dumping Windows hashes, and cracking dumped password hashes in order to elevate your privileges.

Chapter 8, Exploiting Services, covers the process of exploiting unquoted service paths, exploiting the secondary logon handle, exploiting weak service permissions, and performing DLL hijacking.

Chapter 9, Privilege Escalation through the Windows Registry, examines the process of exploiting weak registry permissions, autorun programs, and exploiting the Always Install Elevated feature.

Chapter 10, Linux Kernel Exploits, explains the workings of the Linux kernel and covers the process of performing kernel exploitation both manually and automatically with Metasploit.

Chapter 11, Linux Password Mining, focuses on the process of extracting passwords from memory, searching for passwords in configuration files, and searching for passwords in Linux history files.

Chapter 12, Scheduled Tasks, introduces you to cron jobs on Linux and covers the process of escalating your privileges by exploiting cron paths, cron wildcards, and cron file overwrites.

Chapter 13, Exploiting SUID Binaries, outlines how filesystem permissions on Linux work and explores the process of searching for SUID binaries and elevating your privileges through the use of shared object injection.

Previous Section
Next Section