Exploiting the Windows Access Control Model
This chapter teaches you about Windows Access Control and how to find instances of misconfigured access control that are exploitable for local privilege escalation.
In this chapter, we cover the following topics:
• Why hackers are interested in access control
• How Windows Access Control works
• Tools for analyzing access control configurations
• Special SIDs, special access, and “access denied”
• Access control for elevation of privilege
• Attack patterns for each interesting object type
• Other object types
Why Access Control Is Interesting to a Hacker
Access control is about the ...