Disk Group Privilege Escalation is a complex attack method that targets vulnerabilities or misconfigurations within the disk group management system of Linux environments. Specifically, attackers
In this blog, we dive into a Server Operator exploit scenario for Windows Privilege Escalation, leveraging the commonly overlooked but powerful Server Operator group in
Post-Windows 2000, Microsoft introduced an option where users could authenticate to one system via Kerberos and work with another system. The delegation option makes this
Resource-Based Constrained Delegation (RBCD) is a security feature in Active Directory (AD) that allows a computer object to specify which users or machines can impersonate
DirtyPipe CVE 2022-0847 is a privilege escalation vulnerability discovered by Max Kellerman present in Linux Kernel itself post versions 5.8 which allows overwriting data in
Will Schroeder and Lee Christensen wrote a research paper on this technique which can be referred to here. In ESC8 technique mentioned in the research paper,
Print Spooler has been on researcher’s radar ever since Stuxnet worm used print spooler’s privilege escalation vulnerability to spread through the network in nuclear enrichment
Introduction Oliver Lyak posted a write-up about a Windows Privilege Escalation vulnerability that persisted in Windows systems even after patching of previous vulnerabilities in Print
Team Qualys discovered a local privilege escalation vulnerability in PolicyKit’s (polkit) setuid tool pkexec, known as PwnKit (CVE 2021-4034), which allows low-level users to run