Privilege Escalation
Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an application or operating system to gain elevated access to resources that should normally be unavailable to that user. The attacker can then use the newly gained privileges to steal confidential data, run administrative commands or deploy malware – and potentially do serious damage to your operating system, server applications, organization, and reputation.
One way to do this by attacking passwords.
Two ways to attack passwords are :
- Online Attack – you can access the machine physically
- Offline Attack – from remote location
Tools
- Hydra
- BruteSSH
- Rainbowcrack
- John The Ripper
Leave a Reply