Gaining access to a system is only the first step in executing application, releasing malware, or installing a rootkit. In this video, Lisa Bock defines privilege escalation, or elevating the rights of a user to gain broader access to a system. Understand the difference between horizontal and vertical privilege escalation.
- One common misconception is that if someone obtains a password and can get into a system, they can execute applications, release malware, or install a root kit. Let's look at the reality. Commonly, the ethical hacker first obtains access to a system by acquiring a username and password of a less defended account. Now, this will allow access into a system, but that level of access will not have the privileges of an administrator.
Any advanced system hacking will require the rights of the administrator, and gaining administrative access generally requires more work. Privilege escalation can be thought of in one of two ways: horizontal or vertical. In horizontal privilege escalation, the ethical hacker will take over the rights and privileges of a user who has the same rights and privileges. In vertical privilege escalation, the ethical hacker will gain access to an account and then elevate the privilege to a higher level.
Privilege Escalation is accomplished by taking advantage of a vulnerability in an application or an operating system. Once this is accomplished, full access is granted, and then you need to see what services are running and whether or not you have any root privileges. The goal of privilege escalation is to force an application into running with a higher security environment than intended by the designer. You need to understand that operating systems come with preset user accounts in groups, such as the Administrator and guest accounts in a Windows operating system.
Most likely, the administrator account is the more protected account, so gaining access to the network is by using a non-administrator user account, like Guest, and then trying to elevate privileges to the Administrator level to gain full control of the system. Most attackers are aware of and can find the default accounts, therefore you should try to secure them properly, even if they're never going to be used, as attackers know that they exist and will try to gain access to the system.
These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Acquiring passwords
- Generating rainbow tables
- Understanding where passwords are stored
- Defending against privilege escalation
- Understanding spyware
- Protecting against keylogging
- Detecting steganography
- How hackers cover their tracks