📄️ SeImpersonate/SeAssignPrimaryToken
SeImpersonatePrivilege allows a process to impersonate another user, enabling privilege escalation if a high-privilege token is accessible. SeAssignPrimaryTokenPrivilege lets a process assign an arbitrary token to a new process, allowing privilege manipulation. These privileges are often abused in Windows privilege escalation techniques like JuicyPotato, RoguePotato, and PrintSpoofer. Exploiting them can grant SYSTEM-level access from a low-privileged account.
📄️ SeDebugPrivilege
SeDebugPrivilege allows a process to access and manipulate other processes, even those running as SYSTEM. This privilege is often abused in privilege escalation by injecting code, dumping credentials (e.g., LSASS), or modifying security tokens. Attackers can use tools like Mimikatz or Process Hacker to exploit it. If enabled for a low-privileged user, it can lead to full system compromise.
📄️ SeTakeOwnershipPrivilege
SeTakeOwnershipPrivilege is a user rights assignment in Windows that allows a user to take ownership of any object, such as files, directories, or registry keys. This privilege is typically assigned to administrators or system accounts, granting them the ability to change the ownership of objects even if they do not have explicit permissions. It is a powerful privilege often used for system maintenance or recovery tasks. Misuse of this privilege can lead to security risks, as it bypasses standard access control mechanisms.