Category:Penetration-testing/Privilege-escalation

From aldeid
Jump to navigation Jump to search
You are here
privilege escalation

Description

What is a privilege escalation?

Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.

Resources

https://gtfobins.github.io/
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
http://pentestmonkey.net/
A lot of useful resources (reverse shell, priv escalation, ...)
https://netsec.ws/?p=337
Spawning a TTY shell

OS