loading
Loading content
loading
Also known as privesc
Privilege escalation turns a foothold into control. After an attacker lands as a low-privileged user, they look for a path to elevate, since most useful actions (reading other users' data, installing persistence, dumping credentials) need higher rights. Vertical escalation moves up a level, such as a normal user becoming root. Horizontal escalation takes over another account at the same level to reach data the original account could not.
Common routes include kernel and driver bugs, SUID binaries with weak permissions, misconfigured sudo rules, writable service paths, and stored secrets. Web targets often escalate through a command injection flaw that runs as a privileged service account.
Escalation matters because it converts a minor breach into a full compromise and usually unlocks lateral movement across the rest of the environment. A useful exploit chain almost always includes an escalation step.
In offensive work, escalation is a core phase of any penetration test. An automated workflow can enumerate the conditions that enable escalation, such as world-writable cron jobs or outdated kernels, and flag hosts that present an easy path before an operator ever logs in.
Related terms