After obtaining a shell, I want to escalate privileges, or the shell's permissions as they stand are not usable.
There are only three methods of privilege escalation.
1. Run a privilege escalation (overflow) tool directly; for this you need to find a writable directory.
2. Database privilege escalation: the sa, root, and orange database accounts are also acceptable, but they have never been used.
3. Third-party software such as su.
To find a writable directory, you can scan with the asp directory scanner written by ah d, or with the aspx and php scanners available online. In fact, when you get the shell it is sometimes worth checking whether cgi is supported, since cgi has a high permission.
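Seen from the administrator's side, the writable directories described above are what a hardening audit should find first. The following PowerShell function is an added example, not code from the original article: it lists directories under a web root where a broad principal holds write access and counts the script files stored there. The function name, the default principal list (English-language Windows names) and the `C:\inetpub\wwwroot` path are assumptions.

```powershell
# Added example: report directories under a web root that broad principals can
# write to. Only Allow ACEs are evaluated; Deny ACEs and group nesting are not.
function Find-BroadlyWritableDirectory {
    param(
        [Parameter(Mandatory)][string]$Root,
        # Assumption: principals a web worker process runs as or is a member of.
        [string[]]$Principals = @('Everyone', 'BUILTIN\Users',
                                  'NT AUTHORITY\Authenticated Users', 'BUILTIN\IIS_IUSRS')
    )
    if (-not (Test-Path -LiteralPath $Root -PathType Container)) {
        throw "Root directory not found: $Root"
    }
    # WriteData/AppendData are the bits behind "create files" and "create folders".
    $writeBits   = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'
    $genericBits = 0x50000000   # GENERIC_WRITE | GENERIC_ALL stored as raw access masks
    $inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly
    $scriptExt   = '.asp', '.aspx', '.php', '.cgi'

    $dirs = @(Get-Item -LiteralPath $Root) +
            @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue)

    foreach ($dir in $dirs) {
        try   { $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop }
        catch { Write-Warning "Cannot read ACL: $($dir.FullName)"; continue }

        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($Principals -notcontains $ace.IdentityReference.Value) { continue }
            # Inherit-only ACEs do not apply to this directory itself.
            if ($ace.PropagationFlags -band $inheritOnly) { continue }
            $rights = [int]$ace.FileSystemRights
            if (($rights -band $writeBits) -eq 0 -and ($rights -band $genericBits) -eq 0) { continue }

            $scripts = @(Get-ChildItem -LiteralPath $dir.FullName -File -ErrorAction SilentlyContinue |
                         Where-Object { $scriptExt -contains $_.Extension.ToLower() })
            [pscustomobject]@{
                Path        = $dir.FullName
                Identity    = $ace.IdentityReference.Value
                Rights      = $ace.FileSystemRights
                Inherited   = $ace.IsInherited
                ScriptFiles = $scripts.Count   # writable directory that also serves scripts
            }
        }
    }
}

# Assumed web root; change to match the server being audited.
Find-BroadlyWritableDirectory -Root 'C:\inetpub\wwwroot' | Format-Table -AutoSize
```

Rows with a non-zero `ScriptFiles` value are the ones to fix first: remove write access for the listed identity, or move upload locations out of directories where scripts are executed.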
Database privilege escalation is covered by many online tutorials. Ask du Niang for details.
Third-party software comes with a lot of restrictions, but when the previous two methods do not work out it may be worth testing. su used to be very popular; in addition, efang can directly add administrator-group accounts through the web, such as sogou.
In fact, privilege escalation is a matter of being careful and looking for usable information. Sometimes the registry holds a lot of information that can be used, and you can also use the registry to escalate privileges, but that is not covered in this discussion. (I just read a ghost's article about registry privilege escalation, haha.) Sometimes the administrator records the account and password in a document for convenience, and you happen to have permission to access and read it. In short, it often comes down to luck.
To sum up, pay attention to the details.
Author f4le.com