Privilege escalation, in simple words, means getting privileges to access something that should not be accessible. Attackers use various privilege escalation techniques to access unauthorized resources. For web application security, privilege escalation is an important concern because web intrusions are usually only the first stage of a complex attack. Malicious parties often use web attacks to gain basic access to certain resources and then continue with privilege escalation attacks to gain more control. The ultimate goal might be accessing sensitive data, installing malware, introducing malicious code, or even hijacking a single computer system or multiple systems.
There are two types of privilege escalation: horizontal privilege escalation and vertical privilege escalation.
Horizontal Privilege Escalation in Web Security
The term horizontal privilege escalation applies to all situations when an attacker acts as a specific user and gains access to resources belonging to another user with a similar level of access. For example, if an attacker impersonates a user and gains unauthorized access to their bank account, this is an example of horizontal privilege escalation.
Many web vulnerabilities may lead to horizontal privilege escalation. For example, Cross-site Scripting (XSS) attacks may allow the attacker to steal the user’s session cookies to access their user account. CSRF attacks are also examples of horizontal privilege escalation.
Vertical Privilege Escalation in Web Security
Vertical privilege escalation is often referred to as privilege elevation. It applies to all situations when the attacker gains higher privileges, most often root privileges (administrative privileges).
Privilege elevation is most often the second step of an attack. If the attack is aimed directly at the web server, the malicious user often aims first to get any kind of file system and/or console access. After they gain shell access to the web server, they may attempt to use other techniques to gain access to a privileged account, most often the system administrator. Local privilege escalation in this case often relies on misconfigurations or unpatched operating systems. Both Microsoft Windows and Linux/UNIX have been known to have vulnerabilities that allow attackers to gain administrator privileges via executing arbitrary code.
Avoiding Privilege Escalation Vulnerabilities
Privilege escalation vulnerabilities may arise for different reasons:
- Programming errors: This includes vulnerabilities that lead to web attacks but also other vulnerabilities such as buffer overflow.
- Misconfigurations: Especially risky when the principle of least privilege is not followed and normal users have too many privileges.
- Lack of security hygiene: For example, delayed patches and updates for the operating system and other software.
- Weak access control: For example, weak passwords.
- Social engineering: Attackers may gain access to accounts by exploiting gullible users.
Therefore, to avoid privilege escalation vulnerabilities, you must consider your entire security stance. Installing software such as a vulnerability scanner will certainly help eliminate some potential causes, but not all of them.