Talk:Privilege escalation

From Wikipedia, the free encyclopedia
Jump to: navigation, search
          This article is of interest to the following WikiProjects:
WikiProject Computing (Rated Start-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
 
WikiProject Computer science (Rated Start-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computer science, a collaborative effort to improve the coverage of Computer science related articles on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
 
WikiProject Computer Security / Computing  (Rated Start-class, Mid-importance)
WikiProject icon This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start-Class article Start  This article has been rated as Start-Class on the project's quality scale.
 Mid  This article has been rated as Mid-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Computing (marked as Low-importance).
 

Is it only an exploit?[edit]

Users with unprivileged credentials who properly execute "sudo" (for example) to perform authorised administrative activities are also "escalating privilege". It is not only an exploit or a bug. — Preceding unsigned comment added by 203.6.223.18 (talk) 00:36, 27 April 2015 (UTC)

Another meaning?[edit]

I've also heard this term dealing with the fact that many of the individual privileges of a superuser can be used to obtain the others, including the ability to run in kernel mode.

For example, if a Windows program is granted SeDebugPrivilege - the right to debug any process in the system regardless of owner - it can escalate its privilege further by leveraging SeDebugPrivilege. It can use that privilege to open a running LocalSystem (akin to UNIX "root") process, such as winlogon.exe, and inject its own code, escalating its privilege to LocalSystem.

Similarly, the SeTakeOwnership privilege, which allows taking ownership of files without explicit permission, can be used on the Registry to change the Administrator password.

Many Windows privileges allow this sort of escalation, so their closure really ought to be considered a single privilege level. That's the route UNIX took.

-- Myria 07:59, 28 October 2005 (UTC)

"Horizontal" vs "Vertical" privilege escalation[edit]

I've cleaned up the content for this concept a bit, but I dispute that there's a such thing as "horizontal privilege escalation", and not just because the term is a bit of an oxymoron.

"Horizontal" escalation means obtaining unauthorized impersonation rights (I know web apps never call it "impersonation"). Impersonation, a capability built in to a variety of reference monitors (including Unix, Win32, and databases) is an elevated privilege. "Horizontal" escalation is just a use case for a specific, limited form of "vertical" privilege escalation.

The content here is valuable; I'm not advocating that we strike it. I'm just saying that we probably shouldn't muddy it with concepts like "vertical and horizontal".

--- tqbf 02:00, 1 January 2008 (UTC)

I agree the content is valuable but the term itself is confusing. Zeroday (talk) 13:43, 24 February 2008 (UTC)


Well "horizontal privilege escalation" does exists. And not just in theory....There have been many High profile bank cases to validate the same....

-Meenal A. Mukadam


—Preceding unsigned comment added by 123.201.46.58 (talk) 07:54, 16 June 2008 (UTC)

Is this an example of Windows privilege escalation?[edit]

I can't remember the exact details, but in Windows XP you can use the "at" command under cmd to schedule it to run cmd.exe a minute or 2 in the future. This new cmd process will run under the SYSTEM user for some mysterious reason. You can then end explorer.exe in task manager (which you can run under the new cmd if you're not allowed to run task manager on your own account), run explorer.exe under the cmd window, and therefore be allowed to do things in the Windows shell that you shouldn't have permission to do. Obviously this won't work if the policies have been set to prevent you from running at.

Is this a valid example of a very easy privilege escalation attack?

http://blogs.msdn.com/adioltean/articles/271063.aspx

Tebello TheWHAT!!?? 18:54, 9 June 2008 (UTC)

Yes, someone with the privilege to schedule jobs on WinXP/Win2k3 and earlier could elevate themselves to Admin in this way. This route has been blocked in Vista/Server 2008. Socrates2008 (Talk) 21:41, 9 June 2008 (UTC)

جيد[edit]

جيد Ahomed123123 (talk) 00:02, 24 February 2015 (UTC)

اوفق[edit]

اوافق Ahomed123123 (talk) 00:03, 24 February 2015 (UTC)

جيد[edit]

جيد Ahomed123123 (talk) 00:04, 24 February 2015 (UTC)