Posted by: charan | May 9, 2009

Getting the root

Privilege escalation is the act of exploiting a computer bug or design flaw in a software application to gain access to resources that would normally be protected from an application or user. Privilege escalation through vulnerabilities and unpatched bugs is a common way to get from limited access on a machine to a root shell. Unauthorized root shell access can be fatal for the victim: the intruder has complete control over the machine and the data on it. It can get even worse if the machine is connected to a network that holds valuable data and is generally as vulnerable as the victim machine.

A few Linux kernel exploits frequently used in such attacks:
Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit

Linux >= 2.6.13 prctl kernel exploit
This creates a root-owned core dump in any directory.

Linux kernel <2.6.29 exit_notify() local root exploit


A few Windows exploits:

MS08-067 Exploit for CN by EMM

MS Windows XP SP2 (win32k.sys) Privilege Escalation Exploit (MS08-025)

Blending privilege escalation with remote code execution can be very dangerous and potentially fatal for corporate networks that have web servers running on their own network. This can lead to compromise of the entire network and the sensitive information floating around. In future posts I'll show how to carry out such an attack, capturing a network from the outside.

Disclaimer: All the information above is purely for educational purposes. The author is not responsible for any of the reader’s actions or evil deeds.

