- Syscall Proxying - Simulating remote execution
- Max Caceres
- Black Hat USA '03
- Date published
- syscall proxying, penetration testing, agents.
A critical stage in a typical penetration test is the "Privilege Escalation" phase. An auditor faces this stage when access to an intermediate host or application in the target system is gained, by means of a previous successful attack. Access to this intermediate target allows for staging more effective attacks against the system by taking advantage of existing webs of trust and a more privileged position in the target system’s network. This "attacker profile" switch is referred to as pivoting along this document.
Pivoting on a compromised host can often be an onerous task, sometimes involving porting tools or xploits to a different platform and deploying them. This includes installing required libraries and packages and sometimes even a C compiler in the target system!