Skip to content
Related Articles
Open in App
Not now

Related Articles

What is User Privileges in Ethical Hacking ?

Improve Article
Save Article
  • Last Updated : 15 Jun, 2022
Improve Article
Save Article

Ever wondered why aren’t you able to make changes (moving, deleting) to some files/folders as a normal user on your system? It is because some files/folders are set up in a way to be only accessed by the Administrator or Super User i.e. it only allows the System Administrator to make changes.

As a simple example, a normal user is prevented from making changes to Operating System files but the administrator is allowed to do so as it is a part of maintaining a system.

 

But there is a term called Privilege Escalation, which basically means elevation of privileges of a normal user to that of Administrator or Super-User by providing the password.

This can be done with this command in the terminal.

sudo su

After putting in this command you’ll be prompted to enter the administrator’s password.

Note: You will not see the password being typed for security reasons.

This also gives rise to a potential number of cyber attacks, in which the attacker exploits a bug, obtains high-level privileges, and performs unauthorized actions that are often harmful to the client or the institution. These are also called privilege escalation exploits.

Steps of Privilege Escalation Attacks:

Generally, this type of attack is preceded by reconnaissance and some steps included are:

There are various possible techniques for Performing a Privilege Escalation Attack, one of them is attackers can use Credential Harvesting or Social Engineering techniques to obtain the credentials of a particular user. And as soon as attackers get into the institute’s network, they use compromised credentials and bypass access controls hence the attacker gained. There are other many other possible techniques to perform a Privilege Escalation Attack.

To prevent these types of attacks you may refer to Prevent Broken Access Control.

My Personal Notes arrow_drop_up

Start Your Coding Journey Now!