DamianGrace.com

Behind the scenes

Windows Privilege Escalation Techniques

October 22nd, 2009 by Damian Leave a reply »

During one of my tours through the deep dark net this afternoon, I stumbled across a couple of very interesting blog posts by Scott Sutherland at NetSPI.com. Scott explains 10 different ways to move in Windows from Standard User to Local Administrator and then from Local Administrator to Domain Admin. Interesting stuff, and well worth the read.

Local Administrator Privilege Escalation Techniques

Domain Admin Privilege Escalation Techniques

Posted in Windows

Tags: admin Administrator Domain Escalation Local pass the hash Privilege Standard User

You can follow any responses to this entry through the RSS 2.0 Feed. You can leave a response , or trackback from your own site.

Leave a Reply

- Subscribe Subscribe to my blogs feed
- Previous Entry Juniper SSL/VPN Basic Functionality
- Next Entry Web App Hacking – SANS Sydney 2009
Who is Damian Grace?
- Damian has over six years experience working as a security consultant. During that time he has provided security advice to some of Australia's largest organizations including Local and State Government facilities, Banks and Telecommunications providers.
  
  He has a passion for learning and constant improvement. This becomes evident when looking at the his list of achievements which includes a Diploma in Network Engineering, Certified Information Systems Security Professional (CISSP), GIAC Certified Penetration Tester (GPEN), GIAC Certified Forensic Analyst (GCFA), GIAC Systems and Network Auditor (GSNA), GIAC Security Essentials Certification (GSEC), Offensive-Security - Pentesting with Backtrack (OSCP), GIAC Web Application Penetration Tester (GWAPT) and most recently the GIAC Reverse Engineering Malware (GREM) certification.
  
  Damian is also a member of Australian Information Security Association (AISA) and part of the GIAC Advisory Board.
Twitter: damiangrace
- “@jloidl: Strong language should be used to say "no" to these requests. Like, using a chair.” < yep, they'd not get mine (even if I had 1). 06:42:52 AM May 14, 2012 from Twitter for Mac
- “@smartial_arts: @damiangrace totally was. I know one CTO quit over this.” < I'm totally speechless.. 06:23:02 AM May 14, 2012 from Twitter for Mac
- “@ZDNet: California to ban employers asking for your Facebook password http://t.co/ByNrZFdH” <- WTF? Was this really happening??? 05:21:41 AM May 14, 2012 from Twitter for Mac
- The countdown to picking up my new motorbike is excruciatingly slow... Come on Saturday, hurry up! 03:25:43 AM April 05, 2012 from Twitter for Mac
Categories
Sites I Read

Back to Top

Valid XHTML 1.0 Transitional | Valid CSS 3