Applications & Services
Running Services & Processes
Once we know the operating system, we have to gather information about the running processes and services that can be exploited,
Identifying the services/processes running as root/administrator can be useful for privilege escalation
Scheduled Tasks
Scheduled tasks are one of the easiest vulnerabilities that one can exploit to conduct privilege escalation. In many cases the tasks are created by users with higher privileges but leave scripts with weakened permissions conducting the task. One of the best ways to exploit this case is to explore whether the file or its actions can be hijacked to serve our purpose.
Linux
Applications & Versions
Another method is to look at the list of installed applications and their versions, then using this information to look for know vulnerabilities and exploits.
Last updated