Dettaglio CAPEC-307

CAPEC-307

TCP RPC Scan
Basso
Stable
2014-06-23
00h00 +00:00
2022-02-22
00h00 +00:00
CAPEC Mitre.org
Avviso per un CAPEC specifico
Rimani informato su qualsiasi modifica relativa a un CAPEC specifico.
Gestione notifiche

Descrizioni CAPEC

An adversary scans for RPC services listing on a Unix/Linux host.

Informazioni CAPEC

Flusso di esecuzione

1) Experiment

An adversary sends RCP packets to target ports.

2) Experiment

An adversary uses the response from the target to determine which, if any, RPC service is running on that port. Responses will vary based on which RPC service is running.

Prerequisiti

RPC scanning requires no special privileges when it is performed via a native system utility.

Risorse richieste

The ability to craft custom RPC datagrams for use during network reconnaissance via native OS utilities or a port scanning tool. By tailoring the bytes injected one can scan for specific RPC-registered services. Depending upon the method used it may be necessary to sniff the network in order to see the response.

Mitigazioni

Typically, an IDS/IPS system is very effective against this type of attack.

Vulnerabilità correlate

CWE-ID Nome della vulnerabilità

CWE-200

 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Riferimenti

REF-33

Hacking Exposed: Network Security Secrets & Solutions
Stuart McClure, Joel Scambray, George Kurtz.

REF-158

RFC768 - User Datagram Protocol
J. Postel.
http://www.faqs.org/rfcs/rfc768.html

REF-34

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Gordon "Fyodor" Lyon.

REF-130

The Art of Port Scanning
Gordon "Fyodor" Lyon.
http://phrack.org/issues/51/11.html

Invio

Nome Organizzazione Data Data di rilascio
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifiche

Nome Organizzazione Data Commento
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Description, Description Summary, References, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations
CAPEC Content Team The MITRE Corporation 2020-12-17 +00:00 Updated Execution_Flow
CAPEC Content Team The MITRE Corporation 2022-02-22 +00:00 Updated Description, Extended_Description
Le informazioni presentate su CVE Find provengono da diverse fonti di riferimento attentamente selezionate. I dati CVE sono forniti da MITRE Corporation e dal National Vulnerability Database (NVD). Il catalogo delle vulnerabilità sfruttate conosciute (KEV) proviene dalla Cybersecurity and Infrastructure Security Agency (CISA), mentre i punteggi EPSS provengono da FIRST.org. Inoltre, i dati relativi alle vulnerabilità software (CWE) e ai pattern di attacco comuni (CAPEC) sono mantenuti da MITRE Corporation, e le informazioni sulle configurazioni hardware e software (CPE) sono fornite da NVD.