Lab provided by the College of Engineering and Computing at the University of South Carolina
Lab Overview:
Modern operating systems (OS) allow multiple users to have their own accounts with their own credentials. Each user has their own rights/privileges to files and directories. Malware executed by a regular user with no administrative privileges is only allowed to read, modify, or delete the files that user has rights to. Privilege escalation is exploiting a vulnerability in an OS to gain access to advanced resources. After escalating privileges, the malware is able to perform severe malicious activities like disabling antivirus software and firewalls, spying on keystrokes, deleting important OS boot components, or gaining permanent access to another’s machine (a backdoor). There are two forms of privilege escalation:
Horizontal privilege escalation: a non-administrative user gains access to functions and files available to other non-admin users.
Vertical privilege escalation: a non-admin user gains access to functions or files reserved specifically for higher privilege users like administrators.
The goals of this lab are to:
Understand and define privilege escalation and backdoor
Create a malicious executable using the msfvenom tool
Have permanent remote access to a victim’s machine
In this situation I will be playing the roles of attacker and victim.