Not every exploit results in complete and unrestricted access to a victim’s network or host. Threat actors will often find themselves confined inside a container, virtual machine or host with limited rights and will need to escalate their privileges to move longitudinally inside the host or laterally across the network.
Additional access can be gained through vertical privilege escalation, for example by exploiting vulnerabilities, manipulating access tokens, bypassing User Account Control (UAC), or using DLL injection and search order hijacking on Windows. On Linux, vertical privilege escalation can be performed through, for example, kernel and sudo exploits. Horizontal privilege escalation for lateral movement can be performed, for example, by taking over another account, abusing privileges granted to other users, or modifying domain policies.