Privilege Escalation
The general goal of Windows privilege escalation is to further our access on a given system to that of a member of the Local Administrators group or the NT AUTHORITY\SYSTEM LocalSystem account. There may, however, be scenarios where escalating to another user on the system is enough to reach our goal. Privilege escalation is often vital to continuing through a network towards our ultimate objective, as well as for lateral movement.
As penetration testers, we need to understand manual privilege escalation techniques, especially in restrictive environments. When placed on a managed workstation with no internet access, strict firewalls, and disabled USB ports, relying solely on tools or scripts may not be an option. In such cases, mastering Windows privilege escalation checks via PowerShell and the command line is essential.
Some of the ways that we can escalate privileges are:
Abusing Windows group privileges
Abusing Windows user privileges
Bypassing User Account Control
Abusing weak service/file permissions
Leveraging unpatched kernel exploits
Credential theft
Traffic capture