Skip to main content

Q: What are the general approaches for privilege escalation on Windows and Linux systems?

A: Privilege escalation on both operating systems follows similar approaches:

Windows Privilege Escalation:

  1. Exploiting Vulnerabilities: Using known local or remote vulnerabilities to gain a higher privilege level.
  2. Using Tools: Employing tools designed to exploit common misconfigurations or vulnerabilities.
  3. Token Manipulation: Taking advantage of Windows security tokens.

Linux Privilege Escalation:

  1. Exploiting Vulnerabilities: Similar to Windows, using known vulnerabilities to gain root or higher privileges.
  2. Using Tools: Utilising scripts and tools like those from the GTFOBins project to exploit misconfigurations.
  3. Exploiting SUID/SGID Binaries: Using binaries with special permission bits to execute commands as the owner (root).