Capabilities – Linux Privilege Escalation
In this post, we will perform a deep-dive on how to exploit various capabilities. Specifically, we will see how six different capabilities can be leveraged by an attacker (that’s us!) to obtain…
Read More
MySQL User Defined Functions – Linux Privilege Escalation
In this post we will learn how to elevate our privileges on a Linux target by abusing User Defined Functions (UDF) in MySQL. By discovering a few bad configuration choices and locating…
Kernel Exploits – Linux Privilege Escalation
In this post we will be exploring various kernel exploits that can be used for Linux Privilege Escalation from standard user to root. We will start by using various commands to find…
Manual Enumeration – Windows Privileged Escalation
In this post we will be exploring manual enumeration techniques that can be used to get a “lay of the land” on the target once a foothold has been established. Manual enumeration…
Insecure GUI Applications – Windows Privilege Escalation
In this post we will review how Insecure GUI Applications can be abused to achieve privilege escalation on a Windows target. We will start by finding a shortcut to an application on…
AppLocker Bypass – Windows Privilege Escalation
In this post we will cover the topic of AppLocker Bypass, which can be considered a step towards Windows Privilege Escalation because AppLocker will stuff all of our attempts to execute any…
WSL – Windows Privilege Escalation
In this post we will be going over Windows Subsystem for Linux (WSL) and how it can be exploited as a potential means for privilege escalation. We will obtain a foothold on…
Password Hunting – Windows Privilege Escalation
In this post we will be exploring the art of password hunting on a target machine as a means to escalate privileges either horizontally or vertically. We will go over various different…
DLL Hijacking – Windows Privilege Escalation
Continuing with Windows Privilege Escalation techniques, in this post we will be covering the concept of DLL Hijacking. We will be focusing on two different types of DLL hijacking, which can both…