Well, That Escalated Quickly! A Penetration Tester’s Approach to Privilege Escalation - DefCamp - 2018

Explore penetration testing techniques for privilege escalation in this DefCamp 2018 conference talk. Delve into Windows-specific methods, including registry manipulation, process and job exploitation, service account vulnerabilities, and startup program weaknesses. Learn about unsecure services, file permission exploits, DLL hijacking, and scheduler task vulnerabilities. Discover how to identify and exploit outdated software, weak passwords, and physical access vulnerabilities. Gain insights into the three phases of penetration testing: information gathering, exploitation, and reporting. Enhance your cybersecurity skills with hands-on knowledge from this comprehensive presentation on escalating privileges in Windows environments.

Introduction
Objectives
Windows
Registry
Processes
Jobs
Services
Service Accounts
Startup Programs and Scheduler Tasks
Unsecure Services
Weak executable file permissions
Unquoted service path method
DLL hijacking
Scheduler tasks
Exploit outdated software
Weak passwords
Physical access
Three phases
Phase 1 Overview
Information Gathering
Exploit
Reporting
Question