Privilege Escalation (General) Flashcards
1
Q
Kernel Exploits (General Escalation)
A
- unpatched systems are vulnerable to different exploits
2
Q
Default Account Settings (General Escalation)
A
- default admin accounts can be exploited; guest accounts should be disabled
3
Q
Sandbox Escape (General Escalation)
A
- Shell upgrade - restricted shells are exploited to gain an upgraded shell
- Virtual Machines - escaping the VM sandbox leads to exploitation of the underlying hardware and puts other VMs at risk
- Container - containers share a common OS, so every container can be compromised if the system is compromised
4
Q
Physical Service Security (General Escalation)
A
- Cold boot attack
- JTAG debug
- serial console
5
Q
Cold Boot Attack - Physical (General Escalation)
A
- side-channel attack in which an attacker with physical access retrieves encryption keys from a running OS after using a cold reboot to restart the machine
6
Q
JTAG Debug - Physical (General Escalation)
A
- JTAG is a standard for verifying designs and testing printed circuit boards; it can be used to read registers from the motherboard and to read arbitrary memory locations
7
Q
Serial Console - Physical (General Escalation)
A
- with physical access, it is possible to connect to the device over a serial port; lower security is enabled on these ports