O'Reilly logo

Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition, 4th Edition by Stephen Sims, Ryan Linn, Branko Spasojevic, Jonathan Ness, Chris Eagle, Allen Harper, Shon Harris, Daniel Regalado

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 14

 

Exploiting the Windows Access Control Model

This chapter teaches you about Windows Access Control and how to find instances of misconfigured access control that are exploitable for local privilege escalation.

            In this chapter, we cover the following topics:

            •  Why hackers are interested in access control

            •  How Windows Access Control works

            •  Tools for analyzing access control configurations

            •  Special SIDs, special access, and “access denied”

            •  Access control for elevation of privilege

            •  Attack patterns for each interesting object type

            •  Other object types

 

Why Access Control Is Interesting to a Hacker

Access control is about the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required