Expanded Library

Privilege Escalation with SharpUp

by Ricardo Reimao

After getting initial access to a machine, one of your main tasks is to escalate privileges to get admin access. In this course, you will learn privilege escalation using SharpUp.

What you'll learn

In a red team engagement, after getting initial access to your machine, you need to escalate privileges to achieve admin-level permissions. In this course, Privilege Escalation with SharpUp, you'll learn how to utilize the SharpUp tool to enumerate potential privilege escalation vulnerabilities in a red team environment. First, you’ll explore the basics of privilege escalation in Windows and how to compile and run the SharpUp tool. Next, you'll see how to use SharpUp to map potential privilege escalation vulnerabilities in a server. Finally, you’ll learn how to escalate your privileges using two common techniques: Over-permissive auto-installers and over-permissive administrative logon scripts. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques Hijack Execution Flow (T1574) and Boot or Logon Autostart Execution (T1547) using SharpUp. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Ready to upskill? Get started