O'Reilly logo

Gray Hat Hacking The Ethical Hacker’s Handbook by Jonathan Ness, Chris Eagle, Shon Harris, Gideon Lenkey, Allen Harper, Terron Williams

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 24Exploiting the Windows Access Control Model

This chapter will teach you about Windows Access Control and how to find instances of misconfigured access control that are exploitable for local privilege escalation. We cover the following topics:

• Why access control is interesting to a hacker

• How Windows Access Control works

• Tools for analyzing access control configurations

• Special SIDs, special access, and “access denied”

• Analyzing access control for elevation of privilege

• Attack patterns for each interesting object type

• What other object types are out there?

Why Access Control Is Interesting to a Hacker

Access control is about the science of protecting things. Finding vulnerabilities in poorly implemented access control ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required