CAPEC-550: Install New Service

Detailed Draft

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

When an operating system starts, it also starts programs called services or daemons. Adversaries may install a new service which will be executed at startup (on a Windows system, by modifying the registry). The service name may be disguised by using a name from a related operating system or benign software. Services are usually run with elevated privileges.

缓解措施

Limit privileges of user accounts so new service creation can only be performed by authorized administrators.

分类映射

分类名称	条目ID	条目名称
ATTACK	1543	Create or Modify System Process

关键信息

CAPEC ID: CAPEC-550

抽象级别: Detailed

状态: Draft

CAPEC-550: Install New Service

攻击模式描述

缓解措施

分类映射

关键信息

相关攻击模式

相关CWE弱点

CAPEC-550: Install New Service

攻击模式描述

缓解措施

分类映射

关键信息

相关攻击模式

ChildOf CAPEC-542

相关CWE弱点