Privilege escalation exploits grant administrator or root level access to users who previously did not have such access. For example, an account exists on all Windows NT and 2000 servers called “Guest.” This account, by default, has no password. Anyone can log on to the server using this “Guest” account and then use a common privilege escalation exploit call “GetAdmin” to gain administrator level access to the system. Many other privilege escalation exploits exist, such as HackDLL and others. These exploits are very useful to an attacker, since they allow anyone who has any level of access to a system, to easily elevate their privilege level and perform any activities they desire.
