<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Privilege-Escalation on Notes by Nisha</title><link>https://notesbynisha.com/tags/privilege-escalation/</link><description>Recent content in Privilege-Escalation on Notes by Nisha</description><generator>Hugo</generator><language>en</language><copyright>&amp;copy; 2026 Nisha</copyright><lastBuildDate>Tue, 06 May 2025 00:00:00 +0000</lastBuildDate><atom:link href="https://notesbynisha.com/tags/privilege-escalation/index.xml" rel="self" type="application/rss+xml"/><item><title>Exploiting AlwaysInstallElevated for Windows Privilege Escalation</title><link>https://notesbynisha.com/posts/2025-05-06-alwaysinstallelevated-walkthrough/</link><pubDate>Tue, 06 May 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-05-06-alwaysinstallelevated-walkthrough/</guid><description>A walkthrough of exploiting the AlwaysInstallElevated misconfiguration on Windows to escalate from user to SYSTEM using a malicious MSI payload.</description></item><item><title>Devel Rooted: A Hack The Box Walkthrough</title><link>https://notesbynisha.com/posts/2025-04-22-devel-rooted-walkthrough/</link><pubDate>Tue, 22 Apr 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-04-22-devel-rooted-walkthrough/</guid><description>This post is a walkthrough of the &amp;lsquo;Devel&amp;rsquo; retired machine from Hack The Box. I gain initial access through an exposed FTP and WebDAV setup, then escalate privileges using MS15-051.</description></item><item><title>LazyAdmin TryHackMe Walkthrough</title><link>https://notesbynisha.com/posts/2025-03-27-lazyadmin-tryhackme-walkthrough/</link><pubDate>Thu, 27 Mar 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-03-27-lazyadmin-tryhackme-walkthrough/</guid><description>A complete walkthrough of the LazyAdmin room on TryHackMe, demonstrating enumeration, exploitation, and privilege escalation.</description></item><item><title>Anonymous Rooted: A TryHackMe Walkthrough</title><link>https://notesbynisha.com/posts/2025-03-03-anonymous-rooted/</link><pubDate>Mon, 03 Mar 2025 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2025-03-03-anonymous-rooted/</guid><description>This walkthrough covers the TryHackMe &amp;lsquo;Anonymous&amp;rsquo; room. I gain user-level access via FTP and a writable script, capture the user flag, and escalate to root via a SUID misconfiguration.</description></item><item><title>Compromising the Dev Box: A PNPT Walkthrough with Mitigation and MITRE ATT&amp;CK Mapping</title><link>https://notesbynisha.com/posts/2024-12-07-devbox-pnpt-walkthrough/</link><pubDate>Sat, 07 Dec 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-12-07-devbox-pnpt-walkthrough/</guid><description>A step-by-step walkthrough of compromising the Dev Box from TCM Security’s PNPT training course, including detailed explanations, mitigation steps, and a comprehensive mapping to MITRE ATT&amp;amp;CK tactics and techniques.</description></item><item><title>Escalate and Defend: Linux Kernel Exploit Walkthrough</title><link>https://notesbynisha.com/posts/2024-10-11-escalate-and-defend-linux-kernel-exploit/</link><pubDate>Fri, 11 Oct 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-10-11-escalate-and-defend-linux-kernel-exploit/</guid><description>A dual perspective walkthrough of TryHackMe&amp;rsquo;s Linux Privilege Escalation room (Kernel Exploits), including offensive steps and defense strategies mapped to the MITRE ATT&amp;amp;CK Framework.</description></item><item><title>Steel Mountain - TryHackMe Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-06-16-steel-mountain-thm-walkthrough/</link><pubDate>Sun, 16 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-16-steel-mountain-thm-walkthrough/</guid><description>Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique to get Administrator access.</description></item><item><title>Hacking Kenobi: From Anonymous Access to Root like a Rebel</title><link>https://notesbynisha.com/posts/2024-06-14-hacking-kenobi-tryhackme/</link><pubDate>Fri, 14 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-14-hacking-kenobi-tryhackme/</guid><description>A complete walkthrough of the Kenobi TryHackMe room, covering enumeration, exploiting ProFTPD, and privilege escalation using SUID PATH hijacking.</description></item><item><title>TryHackMe Ice - Walkthrough by Nisha</title><link>https://notesbynisha.com/posts/2024-06-04-ice-tryhackme-walkthrough/</link><pubDate>Tue, 04 Jun 2024 00:00:00 +0000</pubDate><guid>https://notesbynisha.com/posts/2024-06-04-ice-tryhackme-walkthrough/</guid><description>&lt;h5>Deploy &amp; hack into a Windows machine, exploiting a very poorly secured media server. &lt;/h5>
&lt;img src="https://notesbynisha.com/assets/images/thm/thm-ice-1.png">
&lt;p>&lt;strong> Room Link: &lt;/strong> &lt;a href="https://tryhackme.com/r/room/ice"> &lt;a href="https://tryhackme.com/r/room/ice" target="_blank" rel="noreferrer">https://tryhackme.com/r/room/ice&lt;/a>&lt;/a>&lt;/p>
&lt;h2 id="task-1---connect" class="relative group">Task 1 - Connect &lt;span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100">&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700" style="text-decoration-line: none !important;" href="#task-1---connect" aria-label="Anchor">#&lt;/a>&lt;/span>&lt;/h2>&lt;p>Get connected to the TryHackMe network using OpenVPN. Make sure to first download your configuration file from &lt;a href="http://tryhackme.com/access ">your access page. &lt;/a>&lt;/p></description></item></channel></rss>