CAPEC-17

Using Malicious Files
High
Draft
2014-06-23 00:00 +00:00
2022-09-29 00:00 +00:00

CAPEC Description

An attack of this type exploits a system configuration that allows an adversary either to directly access an executable file, for example through shell access, or, in a possible worst case, to upload a file and then execute it. Web servers, FTP servers, and message-oriented middleware systems with many integration points are particularly vulnerable, because both the programmers and the administrators must be in sync regarding the interfaces and the correct privileges for each interface.

CAPEC Information

Execution Flow

1) Explore

[Determine File/Directory Configuration] The adversary looks for misconfigured files or directories on a system that might give executable access to an overly broad group of users.

Technique
  • Through shell access to a system, use the command "ls -l" to view permissions for files and directories.
2) Experiment

[Upload Malicious Files] If the adversary discovers a directory that has executable permissions, they will attempt to upload a malicious file to execute.

Technique
  • Upload a malicious file through a misconfigured FTP server.
3) Exploit

[Execute Malicious File] The adversary either executes the uploaded malicious file, or executes an existing file that has been misconfigured to allow executable access to the adversary.

Prerequisites

System's configuration must allow an attacker to directly access executable files or upload files to execute. This means that any access control system that is supposed to mediate communications between the subject and the object is set incorrectly or assumes a benign environment.

Skills Required

To identify and execute against an over-privileged system interface

Resources Required

Ability to communicate synchronously or asynchronously with a server that publishes an over-privileged directory, program, or interface. Optionally, the ability to capture output directly through synchronous communication or by another method such as FTP.

Mitigations

Design: Enforce the principle of least privilege.
Design: Run server interfaces under a non-root account and/or use chroot jails or other configuration techniques to constrain privileges even if an attacker gains some limited access to commands.
Implementation: Perform testing such as pen-testing and vulnerability scanning to identify directories, programs, and interfaces that grant direct access to executables.
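As an added defender-side example, not part of this CAPEC entry or of MITRE's material: a Python audit that walks a served directory tree and flags the permission misconfigurations this pattern depends on (world-writable upload directories, world-writable executables, setuid/setgid files, and symlinks that may resolve outside the tree). The `htdocs` layout it builds is constructed for the demonstration.

```python
import os
import stat
import tempfile
# Permission bits that make a regular file interesting for this audit.
EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def classify(path):
    """Return the reasons this entry grants overly broad access ([] if none)."""
    mode = os.lstat(path).st_mode  # lstat: inspect the link itself, never its target (CWE-59)
    if stat.S_ISLNK(mode):
        return ["symlink: target is resolved at access time and must be reviewed"]
    reasons = []
    world_writable = bool(mode & stat.S_IWOTH)
    if stat.S_ISDIR(mode):
        if world_writable and not mode & stat.S_ISVTX:
            reasons.append("world-writable directory without sticky bit")
    elif stat.S_ISREG(mode):
        if world_writable and mode & EXEC_BITS:
            reasons.append("world-writable executable (content can be replaced, then run)")
        if mode & (stat.S_ISUID | stat.S_ISGID):
            reasons.append("setuid/setgid file runs with elevated privileges")
    return reasons

def audit_tree(root):
    """Walk root without following symlinks; return sorted (relative path, reason) pairs."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):  # followlinks=False by default
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            for reason in classify(path):
                findings.append((os.path.relpath(path, root), reason))
    return sorted(findings)

def build_demo_tree():
    """Constructed sample layout (hypothetical web root), not a real server's tree."""
    root = tempfile.mkdtemp(prefix="capec17_")
    uploads = os.path.join(root, "htdocs", "uploads")
    os.makedirs(uploads)
    os.chmod(uploads, 0o777)  # anyone may add or replace files, no sticky bit
    safe = os.path.join(root, "htdocs", "safe")
    os.makedirs(safe)
    os.chmod(safe, 0o755)  # owner-writable only: should not be reported
    helper = os.path.join(root, "htdocs", "helper.cgi")
    with open(helper, "w") as fh:
        fh.write("#!/bin/sh\necho ok\n")
    os.chmod(helper, 0o777)  # world-writable and executable
    os.symlink("/etc", os.path.join(root, "htdocs", "etc_link"))  # link out of the served tree
    return root
```

Run `audit_tree(build_demo_tree())` to see the three flagged entries; point `audit_tree` at a real document root to audit it.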

Related Weaknesses

CWE-ID  Weakness Name

CWE-732  Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CWE-285  Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

CWE-272  Least Privilege Violation
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

CWE-59  Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CWE-282  Improper Ownership Management
The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.

CWE-270  Privilege Context Switching Error
The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

CWE-693  Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References

REF-1

Exploiting Software: How to Break Code
G. Hoglund, G. McGraw.

Submission

Name                Organization           Date                Publication Date
CAPEC Content Team  The MITRE Corporation  2014-06-23 +00:00

Modifications

Name                Organization           Date                Comment
CAPEC Content Team  The MITRE Corporation  2015-12-07 +00:00   Updated Related_Attack_Patterns
CAPEC Content Team  The MITRE Corporation  2017-05-01 +00:00   Updated References
CAPEC Content Team  The MITRE Corporation  2020-07-30 +00:00   Updated Related_Attack_Patterns, Taxonomy_Mappings
CAPEC Content Team  The MITRE Corporation  2020-12-17 +00:00   Updated Related_Attack_Patterns
CAPEC Content Team  The MITRE Corporation  2021-06-24 +00:00   Updated Related_Weaknesses
CAPEC Content Team  The MITRE Corporation  2022-02-22 +00:00   Updated Description, Execution_Flow
CAPEC Content Team  The MITRE Corporation  2022-09-29 +00:00   Updated Example_Instances, Related_Attack_Patterns, Taxonomy_Mappings