Abusing vulnerable software
Attack tree
1 Abuse vulnerable software
1.1 Vulnerability in software
1.2 Available exploit
Example
Use the
wmic
tool to list software installed on the target system and its versions:Search for existing exploits on the installed software online on sites like exploit-db, packet storm or Google.
Exploit
Notes
Software installed on the target system can present various privilege escalation opportunities. As with drivers, organisations and users may not update them as often as they update the operating system.