CAPEC-121: Exploit Non-Production Interfaces
CAPEC Version: 3.9
Last Updated: 2023-01-24
Attack Pattern Description
Execution Flow
Step 1 Explore
[Determine Vulnerable Interface] An adversary explores a target system for sample or test interfaces that have not been disabled by a system administrator and which may be exploitable by the adversary.
- If needed, the adversary explores an organization's network to determine if any specific systems of interest exist.
Step 2 Exploit
[Leverage Test Interface to Execute Attacks] Once an adversary has discovered a system with a non-production interface, the interface is leveraged to exploit the system and/or conduct various attacks.
- The adversary can leverage the sample or test interface to conduct several types of attacks such as Adversary-in-the-Middle attacks (CAPEC-94), keylogging, Cross Site Scripting (XSS), hardware manipulation attacks, and more.
Prerequisites
- The target must have configured non-production interfaces and failed to secure or remove them when brought into a production environment.
Skills Required
Resources Required
- For some interfaces, the adversary will need the appropriate client application or hardware to communicate with the interface. Other non-production interfaces can be used with simple tools, such as web browsers or console windows. In some cases, an adversary may need to be able to authenticate to the target before they can access the vulnerable interface.
Consequences
Scope: Confidentiality, Access Control, Authentication
Technical Impact: Gain Privileges
Scope: Confidentiality, Access Control, Authorization
Technical Impact: Read Data
Scope: Access Control, Integrity
Technical Impact: Modify Data
Mitigations
Ensure that production systems do not contain non-production interfaces and that these interfaces are only used in development environments.
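One way to enforce this mitigation is a release gate that audits the interface inventory before a production deploy. The following is an added example, not part of the CAPEC entry; the inventory format, the `Interface` fields and the naming convention are assumptions.

```python
import re
import sys
from dataclasses import dataclass

# Assumed naming convention for non-production interfaces (not from CAPEC).
# Delimiters are required so "/api/latest" or "/contest" do not match "test".
NONPROD_NAME = re.compile(r"(^|[/_.-])(test|sample|debug|dev)([/_.-]|$)", re.I)

@dataclass(frozen=True)
class Interface:
    name: str     # route, port label or console name
    scope: str    # environments it was built for: "all", "prod", "dev", "test"
    enabled: bool

def audit(interfaces, target_env="prod"):
    """Return (name, reason) findings that should block a production release."""
    findings = []
    if target_env != "prod":
        return findings
    for i in interfaces:
        if not i.enabled:
            continue  # present in the build but switched off
        if i.scope not in ("all", "prod"):
            findings.append((i.name, f"scope '{i.scope}' enabled in production"))
        elif NONPROD_NAME.search(i.name):
            findings.append((i.name, "name matches non-production convention"))
    return findings

# Constructed sample inventory for illustration.
SAMPLE = [
    Interface("/api/orders", "all", True),
    Interface("/api/latest/items", "all", True),
    Interface("/api/test/reset-db", "test", True),
    Interface("/debug/vars", "all", True),
    Interface("/sample/hello", "dev", False),
]

def main():
    findings = audit(SAMPLE)
    for name, reason in findings:
        print(f"BLOCK {name}: {reason}")
    return 1 if findings else 0

if __name__ == "__main__":
    sys.exit(main())
```

A non-zero exit code lets a CI pipeline stop the release until the flagged interfaces are removed or disabled.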