Cyber Range

MITRE ATT&CK: Privilege Escalation Cyber Range

4 hours, 30 minutes

The Labs

Train hands-on

MITRE ATT&CK - Privilege Escalation - Checklist and Commands

The lab highlights important Linux features, processes, and applications that can be exploited for privilege escalation and showcases best practices to protect these resources.

MITRE ATT&CK - Privilege Escalation - Exploitation For Privilege Escalation - Applications

Adversaries tend to exploit vulnerable software features in an attempt to elevate privileges. Exploitation occurs when the adversary benefits from a programming error in a program, service, or kernel to execute malicious code. Security mechanisms such as permission levels are created to restrict access to information by using specific techniques, so adversaries must perform privilege escalation to use the initial access gained by software exploitation.

MITRE ATT&CK - Privilege Escalation - Library Hijacking and Shared Libraries

The student will go through privilege escalation techniques through library hijacking or shared resources for different programming languages.

MITRE ATT&CK - Privilege Escalation - Privilege Escalation Tools and Scripts

This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may use tools and scripts to escalate their privileges.

MITRE ATT&CK - Privilege Escalation - Scheduled Tasks

This lab shows how task scheduling utilities can be used to run system commands on specific dates and times.

MITRE ATT&CK - Privilege Escalation - Exploiting Sudo

Adversaries may evade mechanisms designed to control privilege elevation for gaining higher-level permissions. Authorization is granted for specific users to perform tasks that can be considered of higher risk. Adversaries are able to perform methods to take advantage of built-in control mechanisms to escalate privileges on a system.

MITRE ATT&CK - Privilege Escalation - Manipulating File Permission

Adversaries abuse configurations where an application has the setuid or setgid bit set. This is done in order to have the code running through a privileged user's point of view/context and is achieved by targeting binaries that have been enabled prior.

MITRE ATT&CK - Privilege Escalation - Exploitation for Privilege Escalation - Linux Binaries

This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may use poorly configured Linux binaries to escalate their privileges.

MITRE ATT&CK - Privilege Escalation - CTF

Adversaries gain initial access by executing malicious payloads to exploit software vulnerabilities. Performing privilege escalation is done by executing specific files for certain users, brute-forcing password files, and tampering with the elevation mechanisms in the running system. Persistence is established by abusing software binaries.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments