book

Privilege Escalation Techniques

Name: Privilege Escalation Techniques
Author: Alexis Ahmed
ISBN: 9781801078870

by Alexis Ahmed

November 2021

Intermediate to advanced

340 pages

6h 31m

English

Packt Publishing

Read now

Unlock full access

Privilege Escalation Techniques
ContributorsAbout the authorAbout the reviewer
Preface
Who this book is forWhat this book coversTo get the most out of this bookCode in ActionDownload the color imagesConventions usedGet in touchShare Your Thoughts
Section 1: Gaining Access and Local Enumeration
Chapter 1: Introduction to Privilege Escalation
What is privilege escalation?How permissions and privileges are assignedHorizontal privilege escalationVertical privilege escalationUnderstanding the differences between privilege escalation on Windows and LinuxWindows securityLinux securityExploring the types of privilege escalation attackKernel exploitsExploiting SUID binariesExploiting vulnerable services and permissionsInsecure credentialsExploiting SUDO Summary
Chapter 2: Setting Up Our Lab
Technical requirements Designing our labVirtualizationHypervisorsLab structureBuilding our labInstalling and configuring VirtualBoxConfiguring a virtual networkSetting up our target virtual machinesSetting up Kali LinuxPutting it all togetherSummary
Chapter 3: Gaining Access (Exploitation)
Technical requirements Setting up MetasploitThe Metasploit structureSetting up the Metasploit frameworkInformation gathering and footprintingNetwork mapping with NmapVulnerability assessmentGaining access Exploiting Metasploitable3Exploiting Metasploitable2Summary
Chapter 4: Performing Local Enumeration
Technical requirements Understanding the enumeration processWindows enumerationSystem enumerationUser and group enumerationNetwork enumerationPassword enumerationFirewall and antivirus enumerationAutomated enumeration toolsLinux enumerationSystem enumerationUser and group enumerationNetwork enumerationAutomated enumeration toolsSummary
Section 2: Windows Privilege Escalation
Chapter 5: Windows Kernel Exploits
Technical requirements Understanding kernel exploitsWhat is a kernel?Windows NT The Windows kernel exploitation processKernel exploitation with MetasploitManual kernel exploitationLocal enumerationTransferring filesEnumerating kernel exploitsCompiling Windows exploitsRunning the kernel exploitSummary
Chapter 6: Impersonation Attacks
Technical requirements Understanding Windows access tokensWindows access tokensToken security levelsAbusing tokens Enumerating privilegesToken impersonation attacksPotato attacks overviewEscalating privileges via a Potato attackManual escalationSummary

Chapter 7: Windows Password Mining
Technical requirements What is password mining?Searching for passwords in filesSearching for passwords in Windows configuration filesSearching for application passwordsDumping Windows hashesSAM databaseLM and NTLM hashingCracking Windows hashesCracking Windows hashes with John the RipperAuthenticationSummary
Chapter 8: Exploiting Services
Technical requirements Exploiting services and misconfigurationsExploiting unquoted service pathsExploiting secondary logon Exploiting weak service permissionsDLL hijackingSetting up our environmentThe DLL exploitation processSummary
Chapter 9: Privilege Escalation through the Windows Registry
Technical requirements Understanding the Windows RegistryWhat is the Windows Registry?How the Windows Registry stores dataExploiting Autorun programsExploiting the Always Install Elevated featureExploiting weak registry permissionsSummary
Section 3: Linux Privilege Escalation
Chapter 10: Linux Kernel Exploits
Technical requirements Understanding the Linux kernelUnderstanding the Linux kernel exploitation processSetting up our environmentKernel exploitation with MetasploitManual kernel exploitationLocal enumeration toolsTransferring filesEnumerating system informationEnumerating kernel exploitsRunning the kernel exploitSummary
Chapter 11: Linux Password Mining
Technical requirements What is password mining?Setting up our environmentExtracting passwords from memorySearching for passwords in configuration filesSearching for passwordsTransferring filesSearching for passwords in history filesSummary
Chapter 12: Scheduled Tasks
Technical requirements Introduction to cron jobsThe crontab fileEscalation via cron pathsEnumeration with linPEASTransferring filesFinding cron jobs with linPEASEscalating privileges via cron pathsEscalation via cron wildcardsEscalation via cron file overwritesSummary
Chapter 13: Exploiting SUID Binaries
Technical requirements Introduction to filesystem permissions on LinuxChanging permissionsUnderstanding SUID permissionsSearching for SUID binariesSearching for SUID binaries manuallySearching for SUID binaries with linPEASIdentifying vulnerable SUID binariesEscalation via shared object injectionSummary
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare Your Thoughts

Overview

In "Privilege Escalation Techniques", Alexis Ahmed presents a groundbreaking resource for mastering privilege escalation on Windows and Linux systems. Explore the nuances of exploitation challenges using hands-on virtual environments, and build a deep understanding of attack strategies. This book empowers professionals and aspirants in cybersecurity with practical knowledge to escalate their skills.

What this Book will help me do

Set up a secure pentesting lab environment for studying escalation techniques.
Gain hands-on experience by executing exploits on pre-configured target systems.
Master local enumeration and attacking system vulnerabilities, such as kernel exploits.
Learn to perform advanced techniques like password mining and credential exploitation effectively.
Understand creative strategies to exploit system services and persist high-level privileges.

Author(s)

Alexis Ahmed is a skilled technology expert with years of real-world experience in penetration testing and cybersecurity. Passionate about sharing his knowledge, Alexis has dedicated his career to making complex ideas accessible to learners. With this book, Alexis combines practical insights with an engaging teaching approach to help readers achieve technical mastery.

Who is it for?

This book is ideal for pen testers and cybersecurity enthusiasts interested in advancing their knowledge in privilege escalation techniques for Windows and Linux. If you have a foundational understanding of how operating systems and security concepts work, this book will challenge you to apply and expand your skills. Whether you're aspiring to become a security professional or looking to add critical skills to your profession, this book is tailored for you.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

The Complete Pentesting and Privilege Escalation Course

Publisher Resources

ISBN: 9781801078870

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills