It is usually possible to get guest or user access to a system. Frequently, the attacker's ability to access important information will be limited by such reduced privilege levels. Therefore, a common post-exploit activity is to escalate access privileges from guest to user to administrator and, finally, to SYSTEM. This upward progression of gaining access privileges is usually referred to as vertical escalation.
The user can implement several methods to gain advanced access credentials, including the following:
- Employ a network sniffer and/or keylogger to capture transmitted user credentials (dsniff is designed to extract passwords from live transmissions or a PCAP file saved from a Wireshark or tshark session).
- Perform a search for locally stored passwords. Some users collect passwords in an email folder (frequently called passwords...
