没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
What is Privilege Escalation?
In general, attackers exploit privilege escalation vulnerabilities in the initial attack
phase to override the limitations of their initial user account in a system or
application. There are two main types of privilege escalation: horizontal privilege
escalation to access the functionality and data of a different user and vertical
privilege escalation to obtain elevated privileges, typically of a system administrator
or other power user.
https://www.netsparker.com/blog/web-security/privilege-escalation/
What is Privilege Escalation? 2
With horizontal privilege escalation, malicious actors remain on the same general privilege level but
can access data or functionality of other accounts or processes that should be unavailable to them.
For example, this may mean using a compromised office workstation to gain access to other office
users’ data. For web applications, one example of horizontal escalation might be using session
hijacking to bypass authentication and get access to another user’s account on a social site, e-
commerce platform, or e-banking site.
More dangerous is vertical privilege escalation (also called privilege elevation), where the attacker
gains the rights of a more privileged account – typically the administrator or system user on
Microsoft Windows or root on Unix and Linux systems. With this elevated level of access, the
attacker can wreak all sorts of havoc in your computer systems and applications: steal access
credentials and sensitive data, download and execute ransomware, erase data, or execute arbitrary
code. Advanced attackers will use elevated privileges to cover their tracks by deleting access logs
and other evidence of their activity, leaving the victim unaware that an attack took place at all. That
way, cybercriminals can covertly steal information and plant backdoors or other malware in
company systems.
Linux Privilege Escalation Techniques
• Kernel exploits
• Programs running as root
• Installed software
• Weak/reused/plaintext passwords
• Inside service
• Suid misconfiguration
• Abusing sudo-rights
• World writable scripts invoked by root
• Bad path configuration
• Cronjobs
• Unmounted filesystems
Enumeration Scripts
•https://github.com/rebootuser/LinEnum
•https://pentestmonkey.net/tools/audit/unix-privesc-check
•https://github.com/reider-roque/linpostexp/blob/master/linprivchecker.py
•https://github.com/carlospolop/PEASS-ng
•https://raw.githubusercontent.com/redcode-labs/Bashark/master/bashark.sh
•https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh
•https://raw.githubusercontent.com/rtcrowley/linux-private-i/master/private-i.sh
•https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh
剩余20页未读,继续阅读
资源评论
网络研究观
- 粉丝: 6809
- 资源: 2232
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功