Privilege Escalation

By -
Bismillah...



Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions.

Most computer systems are designed for use with multiple users. Privileges mean what a user is permitted to do. Common privileges including viewing and editing files, or modifying system files.

Privilege escalation means a user receives privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs such as viruses. It usually occurs when a system has a bug that allows security to be bypassed or, alternatively, has flawed design assumptions about how it will be used. Privilege escalation occurs in two forms:
  • Vertical privilege escalation, also known as privilege elevation, where a lower privilege user or application accesses functions or content reserved for higher privilege users or applications. This type of privilege escalation occurs when the user or process is able to obtain a higher level of access than an administrator or system developer intended, possibly by performing kernel-level operations. Examples:
    1. In certain versions of the Linux kernel it was possible to write a program that would set its current directory to /etc/cron.d, request that a core dump be performed in case it crashes and then have itself killed by another process. The core dump file would have been placed at the program's current directory, that is, /etc/cron.d, and cron would have treated it as a text file instructing it to run programs on schedule. Because the contents of the file would be under attacker’s control, the attacker would be able to execute any program with root privileges.
    2. Cross Zone Scripting is a type of privilege escalation attack in which a website subverts the security model of web browsers so that it can run malicious code on client computers.
    3. Some versions of the iPhone allow an unauthorised user to access the phone while it is locked.
    4. Internet Banking users can access site administrative functions or the password for a smartphone can be bypassed.
  • Horizontal privilege escalation, where a normal user accesses functions or content reserved for other normal users. Horizontal privilege escalation occurs when an application allows the attacker to gain access to resources which normally would have been protected from an application or user. The result is that the application performs actions with the same but different security context than intended by the application developer or system administrator; this is effectively a limited form of privilege escalation (specifically, the unauthorized assumption of the capability of impersonating other users). Examples:
    1. User A has access to his/her bank account in an Internet Banking application.
    2. User B has access to his/her bank account in the same Internet Banking application.
    3. The vulnerability occurs when User A is able to access User B's bank account by performing some sort of malicious activity.
    4. This malicious activity may be possible due to common web application weaknesses or vulnerabilities.
Source : Wikipedia.com

Comments

Post a Comment

Populer Post

Extract Database With Sqlmap

By -
Bismlillah... Hello, buddy! have ever think why Oracle Corp will monopolize and commercialize Mysql? While many people already depended on it in their development. You do not need to answer it, seriously. Coz now we aren't going to talk about that, but we're gonna talk about how to use Sqlmap to extract database. Assumption: You have apache2, mysql, phpmyadmin instaled on your system. I use DVWA for victim site, click here  for more information and download link. You have found the vulnerable from DVWA site. Click here for tutorial. I use Mantra and Burp Suite for IG(Information Gathering). Click here for tutorial!. Important to find the cookie. Open your teminal and go to sqlmap directory " cd /pentest/database/sqlmap/ " or use gnome menu. So let's rock, here's the step: First read the manual by typing " ./sqlmap -h ". If you are already knew about the usage, let's continue. Here's the syntax " ./sqlmap.py -u victim_u
Read more

How To Install Mutillidae And Try A Little Test

By -
Image
Bismillah... So, bofore we start sharing about Mutillidae. Better for us to know it's definition. Open the spoiler to read it, but if you aren't patient enough, just pass it by :D Open: Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. It is already installed on Samurai WTF. Simply replace existing version with latest on Samurai. Mutillidae contains dozens of vulnerabilities and hints to help the user exploit them; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, in corporate web sec training courses, and as an "assess the assessor" tar
Read more