According to Red Hat, “Polkit stands for PolicyKit which is a framework that provides an authorization API used by privileged programs.” Pkexec is a tool
As this series was dedicated to Windows Privilege escalation thus I’m writing this Post to explain command practice for kernel-mode exploitation. Table of Content What
An attacker can exploit Windows Task Scheduler to schedule malicious programs for initial or recurrent execution. For persistence, the attacker typically uses Windows Task Scheduler
CVE-2021-36934 also known as SeriousSAM and HiveNightmare vulnerability was discovered by Jonas Lykkegaard in July 2021. Due to an ACL misconfiguration in Windows 10 post-build
If an attacker finds a service that has all permission and its bind with the Registry run key then he can perform privilege escalation or
The Windows Startup folder may be targeted by an attacker to escalate privileges or perform persistence attacks. By adding an application to a startup folder
Stored Credentials Exploitation is a technique attackers use to increase privileges in Microsoft Windows. Therefore, it allows attackers to escalate their access by exploiting weaknesses
Microsoft Windows offers a wide range of fine-grained permissions and privileges for controlling access to Windows components including services, files, and registry entries. Exploiting Weak
Microsoft Windows offers a wide range of fine-grained permissions and privileges for controlling access to Windows components including services, files, and registry entries. Exploiting Unquoted