What this book covers

Chapter 1, Introduction to Privilege Escalation, introduces you to the privilege escalation process, the various types of privilege escalation attacks, and the differences between privilege escalation on Windows and Linux.

Chapter 2, Setting Up Our Lab, introduces you to the concept of virtualization, how to build your own penetration testing lab, how to set up vulnerable virtual machines, and installing and configuring Kali Linux.

Chapter 3, Gaining Access (Exploitation), focuses on the process of setting up the Metasploit framework, performing information gathering with Nmap, identifying vulnerabilities, and exploiting them to gain access to a system.

Chapter 4, Performing Local Enumeration, covers the process of enumerating information from Windows and Linux systems manually and automatically.

Chapter 5, Windows Kernel Exploits, explores the process of performing kernel exploitation manually and automatically with Metasploit in order to elevate your privileges.

Chapter 6, Impersonation Attacks, explains how Windows access tokens work, outlines the process of enumerating privileges, explains token impersonation attacks, and covers the process of elevating your privileges via the Rotten Potato attack.

Chapter 7, Windows Password Mining, explores the process of searching for passwords in files and Windows configuration files, searching for application passwords, dumping Windows hashes, and cracking dumped password hashes in order to elevate your privileges.

Chapter 8, Exploiting Services, covers the process of exploiting unquoted service paths, exploiting the secondary logon handle, exploiting weak service permissions, and performing DLL hijacking.

Chapter 9, Privilege Escalation through the Windows Registry, examines the process of exploiting weak registry permissions, autorun programs, and exploiting the Always Install Elevated feature.

Chapter 10, Linux Kernel Exploits, explains the workings of the Linux kernel and covers the process of performing kernel exploitation both manually and automatically with Metasploit.

Chapter 11, Linux Password Mining, focuses on the process of extracting passwords from memory, searching for passwords in configuration files, and searching for passwords in Linux history files.

Chapter 12, Scheduled Tasks, introduces you to cron jobs on Linux and covers the process of escalating your privileges by exploiting cron paths, cron wildcards, and cron file overwrites.

Chapter 13, Exploiting SUID Binaries, outlines how filesystem permissions on Linux work and explores the process of searching for SUID binaries and elevating your privileges through the use of shared object injection.