CAPEC-575

Account Footprinting
Bas
Bas
Stable
2015-11-09
00h00 +00:00
2020-07-30
00h00 +00:00
CAPEC Mitre.org
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Gestion des notifications

Descriptions du CAPEC

An adversary exploits functionality meant to identify information about the domain accounts and their permissions on the target system to an authorized user. By knowing what accounts are registered on the target system, the adversary can inform further and more targeted malicious behavior. Example Windows commands which can acquire this information are: "net user" and "dsquery".

Informations du CAPEC

Conditions préalables

The adversary must have gained access to the target system via physical or logical means in order to carry out this attack.

Atténuations

Identify programs that may be used to acquire account information and block them by using a software restriction policy or tools that restrict program execution by uysing a process allowlist.

Faiblesses connexes

CWE-ID Nom de la faiblesse

CWE-200

 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Soumission

Nom Organisation Date Date de publication
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00

Modifications

Nom Organisation Date Commentaire
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Weaknesses, Typical_Likelihood_of_Exploit, Typical_Severity
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Related_Attack_Patterns
CAPEC Content Team The MITRE Corporation 2019-09-30 +00:00 Updated @Abstraction
CAPEC Content Team The MITRE Corporation 2020-07-30 +00:00 Updated Mitigations