PRIVILEGE ESCALATION ATTACKS A QUICK BACKGROUND Most systems
PRIVILEGE ESCALATION ATTACKS
A QUICK BACKGROUND • Most systems are designed for multiple users • Privileges are what a user is permitted to do on the system • Privilege escalation is gaining access to privileges that you were not granted • Privilege escalation occurs in two forms • Horizontal • Vertical
VERTICAL VS HORIZONTAL PRIVILEGES • Vertical privilege escalation ---where a lower privilege user gains access to functions or content reserved for higher privilege users • Horizontal privilege escalation– where a normal user accesses functions or information reserved for other users of the same level
VERTICAL ESCALATION • Sometimes, high-privilege applications assume that they will only be provided with input that matches its interface specification. This often leads to attackers exploiting the application to run unauthorized code • An example of this would be “Jailbreaking”
VULNERABILITIES THAT LEAD TO THESE ATTACKS • Predictable session ID’s • Session fixation • Cross-site scripting • Weak passwords • Hijacking of session cookies • Keystroke logging
MITIGATION STRATEGIES • Data execution prevention • Address space layout randomization • Running applications with least privilege • Use up-to-date antivirus software • Patching • Software encryption
- Slides: 6