MITRE ATT&CK: Privilege Escalation Cyber Range
4 hours, 30 minutes
The Labs
Train hands-on
-
MITRE ATT&CK - Privilege Escalation - Checklist and Commands
30 minutesThe lab highlights important Linux features, processes, and applications that can be exploited for privilege escalation and showcases best practices to protect these resources. -
MITRE ATT&CK - Privilege Escalation - Exploitation For Privilege Escalation - Applications
30 minutesAdversaries tend to exploit vulnerable software features in an attempt to elevate privileges. Exploitation occurs when the adversary benefits from a programming error in a program, service, or kernel to execute malicious code. Security mechanisms such as permission levels are created to restrict access to information by using specific techniques, so adversaries must perform privilege escalation to use the initial access gained by software exploitation. -
MITRE ATT&CK - Privilege Escalation - Library Hijacking and Shared Libraries
30 minutesThe student will go through privilege escalation techniques through library hijacking or shared resources for different programming languages. -
MITRE ATT&CK - Privilege Escalation - Privilege Escalation Tools and Scripts
30 minutesThis lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may use tools and scripts to escalate their privileges. -
MITRE ATT&CK - Privilege Escalation - Scheduled Tasks
30 minutesThis lab shows how task scheduling utilities can be used to run system commands on specific dates and times. -
MITRE ATT&CK - Privilege Escalation - Exploiting Sudo
30 minutesAdversaries may evade mechanisms designed to control privilege elevation for gaining higher-level permissions. Authorization is granted for specific users to perform tasks that can be considered of higher risk. Adversaries are able to perform methods to take advantage of built-in control mechanisms to escalate privileges on a system. -
MITRE ATT&CK - Privilege Escalation - Manipulating File Permission
30 minutesAdversaries abuse configurations where an application has the setuid or setgid bit set. This is done in order to have the code running through a privileged user's point of view/context and is achieved by targeting binaries that have been enabled prior. -
MITRE ATT&CK - Privilege Escalation - Exploitation for Privilege Escalation - Linux Binaries
30 minutesThis lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may use poorly configured Linux binaries to escalate their privileges. -
MITRE ATT&CK - Privilege Escalation - CTF
30 minutesAdversaries gain initial access by executing malicious payloads to exploit software vulnerabilities. Performing privilege escalation is done by executing specific files for certain users, brute-forcing password files, and tampering with the elevation mechanisms in the running system. Persistence is established by abusing software binaries.
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Learn about scholarships and financing with
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments