Cybersecurity:Attack and Defense Strategies
上QQ阅读APP看书,第一时间看更新

Access and privilege escalation

This phase comes after an attacker has already identified a target, and scanned and exploited its vulnerabilities using the previously discussed tools and scanning tools. The main focus of the attacker in this phase is to maintain access and move around in the network while remaining undetected. In order to achieve this freedom of movement without being detected, an attacker needs to perform privilege escalation. This is an attack that will grant the attacker an elevated level of access to a network, its connected systems, and devices.

Privilege escalation can be done in two ways: vertical, and horizontal:

Table 1: A comparison of horizontal and vertical privilege escalation