CHAPTER 24 Exploiting the Windows Access Control Model

This chapter will teach you about Windows Access Control and how to find instances of misconfigured access control that are exploitable for local privilege escalation. We cover the following topics:

• Why access control is interesting to a hacker

• How Windows Access Control works

• Tools for analyzing access control configurations

• Special SIDs, special access, and “access denied”

• Analyzing access control for elevation of privilege

• Attack patterns for each interesting object type

• What other object types are out there?

Why Access Control Is Interesting to a Hacker

Access control is about the science of protecting things. Finding vulnerabilities in poorly implemented access control ...

Get Gray Hat Hacking: The Ethical Hacker’s Handbook, 3rd Edition now with the O’Reilly learning platform.
