Privilege Escalation with SweetPotato

Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you'll learn privilege escalation using SweetPotato.

After getting access to an account in a local machine, your job is to escalate your privileges to system-level so you can fully own the machine and gain access to sensitive data and in-memory passwords. In this course, Privilege Escalation with SweetPotato, you’ll cover how to utilize the SweetPotato tool to execute local privilege escalation attacks in a red team engagement. First, you'll explore how to leverage SweetPotato to escalate privileges using the Print Spooler service as a way to get system-level privileges. Next, you'll use the same tool to execute other known privilege escalation exploits. Finally, you'll use the system-level privileges obtained to dump all the in-memory passwords of the machine. When you’re finished with this course, you’ll have the skills and knowledge to execute Exploitation for Privilege Escalation (T1068) using SweetPotato. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

• Course Overview 1min
• Privilege Escalation with SweetPotato 12mins
• Resources 1min