Exploiting the Windows Access Control Model

This chapter teaches you about Windows Access Control and how to find instances of misconfigured access control that are exploitable for local privilege escalation.

            In this chapter, we cover the following topics:

            •  Why hackers are interested in access control

            •  How Windows Access Control works

            •  Tools for analyzing access control configurations

            •  Special SIDs, special access, and “access denied”

            •  Access control for elevation of privilege

            •  Attack patterns for each interesting object type

            •  Other object types


Why Access Control Is Interesting to a Hacker

Access control is about the ...

Get Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.