by Jill Kamperides
About the Author
Jill is a Manager at OCD Tech, a Boston-based cybersecurity consulting firm. She oversees the firm’s IT Advisory Services and has a strong focus in penetration testing, having earned her GPEN certification in 2020. She’s conducted numerous assessments, the most common of which have been penetration tests of Active Directory, external infrastructure, cloud environments, and web applications. Jill has a bachelor’s degree in English from the University of Massachusetts, Boston. She is currently learning mobile application penetration testing.
Introduction
This article will cover four similar, but different, techniques for escalating privileges on Windows systems. Each technique, at its core, has to do with permissions loopholes and basic program execution, and is more about operating system logic than any intense technical exploitation.
These methods of Windows privilege escalation can be broadly categorized as “hijacking execution flow,” as referenced in the MITRE ATT&CK framework, an industry-recognized repository of attacker techniques. More specifically, the four methods covered in this article are:
- Service File Permission Weaknesses
- Service Registry Permission Weaknesses
- DLL Search Order Hijacking
- Path Interception by Search Order Hijacking
This article is not a technical guide on commands and tools to use for privilege escalation. Rather, this article is....
Author
Latest Articles
- OfficialFebruary 22, 2023Windows Privilege Escalation: The Concepts of Hijacking Execution Flow
- OfficialFebruary 22, 2023Building Intuition into Monitoring for OT/ICS Security
- OfficialFebruary 22, 2023WiFi Pentesting with Airodump-ng
- OfficialFebruary 21, 2023ETW vs Sysmon Against C2 Servers
I like these ideas you shared and it is good for us to learn more here so we know how to deal with it. If you visit the website here you will find the best services that are bringing us the right solutions to these problems.
Paven
When you’re feeling down, worn out, or simply need a little inspiration to keep going, dordle is a fantastic game to have on hand!