Editing
Privilege Escalation
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Horizontal Privilege Escalation == Horizontal escalation involves accessing other accounts, sessions, or resources at the same privilege level, typically through impersonation, session hijacking, or misconfigured file access. === Common Techniques === * Reading other usersβ sensitive files due to improper permissions * Accessing SSH keys, config files, or tokens * Hijacking user sessions (e.g., TTY snooping or credential reuse) * Exploiting insecure file-sharing configurations (e.g., SMB shares) * Abuse of API tokens or database credentials found in cleartext === Tools === * [[pspy]] (monitors Linux processes to detect privilege-related activity) * [[ls -la /home/]] (manual check for exposed user data) * [[ssh-agent hijacking scripts]] * [[procmon]] (process monitor for live file and registry activity on Windows) * [[mimikatz]] (extracts passwords, hashes, and tokens from memory)
Summary:
Please note that all contributions to HackOps may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
HackOps:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
Edit source
View history
More
Search
Navigation
Tools
What links here
Related changes
Special pages
Page information