Privilege escalation is an art form that revolves around information gathering, and enumeration of the target host. The idea is to find the quickest, and easiest way to escalate from a local user account to that of an Administrator. A common method for escalating is using a known exploit to target a vulnerability exposed on the unpatched host. This method is probably the fastest, and with the right information and toolkit of precompiled exploits and Metasploit modules, it is a quick win during any engagement.
more here..............http://blog.gdssecurity.com/labs/2014/7/11/introducing-windows-exploit-suggester.html
more here..............http://blog.gdssecurity.com/labs/2014/7/11/introducing-windows-exploit-suggester.html