Capabilities – Linux Privilege Escalation

In this post, we will perform a deep-dive on how to exploit various capabilities. Specifically, we will see how six different capabilities can be leveraged by an attacker (that’s us!) to obtain…
In this post, we will perform a deep-dive on how to exploit various capabilities. Specifically, we will see how six different capabilities can be leveraged by an attacker (that’s us!) to obtain…
In this post we will learn how to elevate our privileges on a Linux target by abusing User Defined Functions (UDF) in MySQL. By discovering a few bad configuration choices and locating…
In this post we will be exploring various kernel exploits that can be used for Linux Privilege Escalation from standard user to root. We will start by using various commands to find…
In this post we will be exploring manual enumeration techniques that can be used to get a “lay of the land” on the target once a foothold has been established. Manual enumeration…
In this post we will review how Insecure GUI Applications can be abused to achieve privilege escalation on a Windows target. We will start by finding a shortcut to an application on…
In this post we will cover the topic of AppLocker Bypass, which can be considered a step towards Windows Privilege Escalation because AppLocker will stuff all of our attempts to execute any…
In this post we will be going over Windows Subsystem for Linux (WSL) and how it can be exploited as a potential means for privilege escalation. We will obtain a foothold on…
In this post we will be exploring the art of password hunting on a target machine as a means to escalate privileges either horizontally or vertically. We will go over various different…
Continuing with Windows Privilege Escalation techniques, in this post we will be covering the concept of DLL Hijacking. We will be focusing on two different types of DLL hijacking, which can both…