Title
Syscall Proxying - Simulating remote execution
Authors
Max Caceres
In
Black Hat USA '03
Date published
2003
Keywords
syscall proxying, penetration testing, agents.

Abstract

A critical stage in a typical penetration test is the "Privilege Escalation" phase. An auditor faces this stage when access to an intermediate host or application in the target system is gained, by means of a previous successful attack. Access to this intermediate target allows for staging more effective attacks against the system by taking advantage of existing webs of trust and a more privileged position in the target system’s network. This "attacker profile" switch is referred to as pivoting along this document.

Pivoting on a compromised host can often be an onerous task, sometimes involving porting tools or xploits to a different platform and deploying them. This includes installing required libraries and packages and sometimes even a C compiler in the target system!

Attachments