May 18, 2017
In episode 2 of Tradecraft Security Weekly Beau Bullock (@dafthack) discusses Windows privilege escalation techniques. There are many reasons why normal employees should not be local administrators of their own systems. Network administrators tend to lock down permissions correctly for users, but privilege escalation vulnerabilities still arise through various software or system configuration. A few tools and techniques for discovering these vulnerabilities include PowerUp (by @harmj0y), Hot Potato (by foxglovesec), and manually finding exploits for missing MS patches with Searchsploit are discussed.
PowerUp by harmj0y:
Potato by foxglovesec: https://github.com/foxglovesec/Potato
Tater (PowerShell Implementation of Hot Potato exploit): https://github.com/Kevin-Robertson/Tater