Privilege Escalation with SharpUp

Focused View

Ricardo Reimao

17:38

78 View

Exercise Files

privilege-escalation-sharpup.zip

Module 1 - Course Overview

1. Course Overview.mp4

01:07

Module 2 - Privilege Escalation with SharpUp

1. Understanding Privilege Escalation and SharpUp.mp4

03:51

2. Compiling and Executing SharpUp.mp4

02:43

3. Gaining Admin Privileges via AlwaysInstallElevated Vulnerability.mp4

04:25

4. Exploiting Insecure File Permissions.mp4

03:39

Module 3 - Resources

1. Additional Resources.mp4

01:53

Description

After getting initial access to a machine, one of your main tasks is to escalate privileges to get admin access. In this course, you will learn privilege escalation using SharpUp.

What You'll Learn?

In a red team engagement, after getting initial access to your machine, you need to escalate privileges to achieve admin-level permissions. In this course, Privilege Escalation with SharpUp, you'll learn how to utilize the SharpUp tool to enumerate potential privilege escalation vulnerabilities in a red team environment. First, you’ll explore the basics of privilege escalation in Windows and how to compile and run the SharpUp tool. Next, you'll see how to use SharpUp to map potential privilege escalation vulnerabilities in a server. Finally, you’ll learn how to escalate your privileges using two common techniques: Over-permissive auto-installers and over-permissive administrative logon scripts. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques Hijack Execution Flow (T1574) and Boot or Logon Autostart Execution (T1547) using SharpUp. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Engineering

Windows Server

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.