讲义分类优秀项目encyclopaedia of windows privilege escalation.pptxVIP

ENCYCLOPAEDIA OF WINDOWS PRIVILEGE ESCALATION;;Linux Priv Esc;Windows Priv Esc;;;Stickykeys Replace C:\windows\system32\sethc.exe Logout Hit shift a bunch C:\program.exe Exploits apps that don’t wrap C:\program files\fubar = c:\program.exe Not since windows 2000 ;Explain some useful methods Citrix/RDP/Kiosk environments Local workstations, VDI’s etc Post exploitation Escalating privileges User = Higher user Network service = LocalSystem Admin = Domain Admin ;Pure gold Install files, config files, admin notes c:\unattend.txt ;Slightly more difficult ? c:\sysprep.inf [Clear Text] c:\sys