Last Updated on July 31, 2021 by Admin 2
Which of the following is true of privilege escalation?
- vertical movement to a different level
- horizontal movement to the same level
- obtained without authorization
- granted freely
Privilege escalation occurs when someone obtains, without authorization, the rights and privileges of a different user. Privilege escalation usually occurs by logging in to a system using your valid user account and then finding a way to access files that you do not have permissions to access. This often involves invoking a program that can change your permissions, such as Set User ID (SUID), or invoking a program that runs in an administrative context.
There are several methods of dealing with privilege escalation can lead to denial-of-service (DoS) attacks. An example of privilege escalation is gaining access to a file you should not access by changing the permissions of your valid account.
Horizontal escalation is movement to an account on the same level, such as from a regular user another regular user.
Vertical escalation is movement to an account on a different level, such as from a regular user to an administrator.
Privilege escalation is never granted freely. It is an attack.
Objective: Attack Methods
Sub-Objective: Define privilege escalation