Morey J. Haber and Brad HibbertPrivileged Attack Vectorshttps://doi.org/10.1007/978-1-4842-3048-0_5

5. Privilege Escalation

Morey J. Haber¹ and Brad Hibbert²

(1)

Heathrow, Florida, USA

(2)

Carp, Ontario, Canada

Once we have established an authenticated session of any type, whether the session is legitimate or hacked via any of the attacks previously discussed, a threat actor’s goal is to elevate privileges and extract data (outside of ransomware and causing business disruptions). See Figure 5-1. A standard user typically does not have rights to a database, sensitive files, or anything of value in mass. So how does a threat actor navigate an environment and gain administrator or root privileges to exploit them ...

Get Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations by Morey J. Haber, Brad Hibbert

5. Privilege Escalation

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly