Privilege escalation is an art form that revolves around information gathering, and enumeration of the target host. The idea is to find the quickest, and easiest way to escalate from a local user account to that of an Administrator. A common method for escalating is using a known exploit to target a vulnerability exposed on the unpatched host. This method is probably the fastest, and with the right information and toolkit of precompiled exploits and Metasploit modules, it is a quick win during any engagement.
more here..............http://blog.gdssecurity.com/labs/2014/7/11/introducing-windows-exploit-suggester.html
Image may be NSFW.more here..............http://blog.gdssecurity.com/labs/2014/7/11/introducing-windows-exploit-suggester.html
Clik here to view.
