CAPEC-545: Pull Data from System Resources
Standard
Draft
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location.
分类映射
| 分类名称 | 条目ID | 条目名称 |
|---|---|---|
| ATTACK | 1005 | Data from Local System |
| ATTACK | 1555.001 | Credentials from Password Stores:Keychain |