
Resource Roundup: Deep Dive Articles on Privilege Escalation

September 6, 2024

Author: Carol Caley, PMM, Xage Security

Unfortunately, privilege escalation has been big in the news lately, from disclosed vulnerabilities to their active exploitation. The concept seems simple on its face: any technique that allows someone to increase their privilege. But it quickly becomes complicated when you start to dig into what we mean by privileged access.

Privilege exists in countless systems and can mean anything from having admin control over your laptop to system privileges on the database storing sensitive customer data. There’s a lot to dig into, and the nuances all depend on the context of the system or environment in play. In light of that, we’ve collected intriguing analyses and in-depth longreads about privilege across various environments and operating systems. Learn how they can be hacked to help you better secure them.

Resource Roundup: Deep Dives on Privilege Escalation

Insecure Windows Service Permissions and Privilege Escalation Risks

Windows services often run in the background and can provide opportunities for a bad actor to escalate privileges within a Windows environment. Services with lots of access, like system privileges, are particularly risky if misconfigured or otherwise vulnerable. Get a detailed walkthrough of how this type of privilege escalation works and a link to the TryHackMe walkthrough.

Read the article.

 

Kerberoasting: An Oldie but a Baddie

Since it is built into many common operating systems, Kerberos pops up pretty frequently as a vector of attack. This article covers both gaining credentials and elevating privilege in systems that use Kerberos for authentication. 

Read the walkthrough.

 

CherryLoader Privilege Escalation Downloader Malware

How did attackers gain admin-level privileges and disable security tools—and what is the “potato family” of hacker tools? Read the article to learn these intriguing facts and more. 

Read the article on Dark Reading.

 

Guide to Linux Privilege Escalation: SUID and SGID binaries

If you want to get way into the nitty-gritty of permissions and groups in Linux, this Juggernaut Pentesting Academy guide goes way in-depth on how to hack binaries with the SUID or SGID bit turned on. It’s a fascinating read whether you’re red team or blue team.

Read the guide.

 

ESXi Authentication Bypass Vulnerability

Learn about the vulnerability in the ESXi hypervisor that allows a malicious user with sufficient permissions to gain full access to a domain-joined ESXi host.

Read the Xage blog.

 

Even More on Privilege Escalation

These are just a handful of the different mechanisms for privilege escalation in various environments. If you’re interested in learning more about specific techniques and where they might be used, MITRE lists dozens of techniques and subtechniques for privilege escalation, as well as real-world examples.

Keep an eye on the Xage blog and our LinkedIn for more deep dives and roundups!