Here we will write and illustrate common and new ways for privilege escalation on Windows.
In our industry, there is not enough discussion about Windows privilege escalation.
So here I plan to discuss and share the subject through a series of blog posts. I will reveal and describe:
- The main principles of privilege escalation
- Methodologies and tools
- Relevant new ways to achieve our goals
So what is privilege escalation?
It is all about gaining access to restricted resources on a system. The systems we discuss in this series are Windows.
Now imagine the following scenario: you are using a locked down desktop.
Maybe you are using a virtual desktop or a locked down laptop.
Privilege escalation s not just restricted to workstations.
Imagine you have compromised an IIS web server and managed to gain access to it. On hardened servers you will only have access to limited resources. To punch further into the network, you will need to gain more privileges.
So, from here, you can see that there are many reasons for privilege escalation. This series of blogs will show you how. Understanding this type of attacks will help you better defend your business.