InterviewStack.io LogoInterviewStack.io

Privilege Escalation Techniques Questions

Focuses specifically on techniques and methodologies for moving from low privilege to higher privilege on target systems and across environments. Topics include identifying and exploiting operating system misconfigurations, weak file and directory permissions, improper service configurations, insecure scheduled tasks, weak sudo rules, credential reuse and harvesting, kernel vulnerabilities and local exploit development, group membership and privilege boundaries, horizontal movement between accounts, and platform specific differences for Windows and Linux. Candidates should also be able to discuss detection considerations, safe testing practices in scope, and mitigations.

HardTechnical
31 practiced
Explain Windows token impersonation and duplication in detail: differentiate impersonation tokens from primary tokens, explain how DuplicateTokenEx and CreateProcessAsUser are used to create processes under another identity, and give a realistic scenario where obtaining a SYSTEM token enables privilege escalation. Also list detection signals and event artifacts defenders can use to spot token duplication abuse.
MediumTechnical
31 practiced
Describe Kerberoasting: list prerequisites (SPNs and service accounts), explain how to enumerate SPN-bearing accounts, request and capture service tickets, and why attackers crack these tickets offline. Provide common detection indicators and defensive measures (password policy, constrained delegation) and explain safe lab testing boundaries for this technique.
EasyTechnical
33 practiced
Scenario: On a Linux server you discover a root-owned cron job that executes '/usr/local/bin/backup.sh' every hour. The file '/usr/local/bin/backup.sh' is owned by root but group-owned by 'users' and writable by that group; your low-privileged account is a member of 'users'. Describe step-by-step how you could exploit this to escalate to root while staying within scope and avoiding disruption, list safety precautions, and recommend fixes.
HardTechnical
28 practiced
Explain methods to bypass modern exploit mitigations such as ASLR, DEP (NX), SMEP and SMAP when designing local privilege escalation exploits on x86_64 Linux. For each mitigation describe concrete evasion techniques at a conceptual level and then list defensive controls and monitoring that defenders should implement to mitigate these bypass techniques.
MediumTechnical
34 practiced
Explain the DLL search-order hijacking (binary planting) technique on Windows. Describe (a) how to identify vulnerable applications on a host, (b) how an attacker could exploit such a vulnerability to run code in a higher-privileged context, and (c) practical mitigations developers and administrators should apply to prevent DLL hijacks.

Unlock Full Question Bank

Get access to hundreds of Privilege Escalation Techniques interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.