Chapter 16: Escalating Privileges

When we consider the penetration of any system – whether it’s a computer system or physical access to a building, for example – no one is the king of the castle when the initial compromise takes place. That’s what makes real-world attacks so insidious and hard to detect; the attackers work their way up from such an insignificant position that no one sees them coming. For example, take the physical infiltration of a secure building. After months of research, I’m finally able to swipe the janitor’s key and copy it without him knowing. Now, I can get into the janitor’s closet at the periphery of the building. Do I own the building? No. Do I have a foothold that will likely allow me a perspective that wasn’t possible ...

Get Windows and Linux Penetration Testing from Scratch - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.