CAPEC-307

TCP RPC Scan
Laag
Stable
2014-06-23
00h00 +00:00
2022-02-22
00h00 +00:00
CAPEC Mitre.org
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Meldingen beheren

Beschrijvingen CAPEC

An adversary scans for RPC services listing on a Unix/Linux host.

Informatie CAPEC

Uitvoeringsstroom

1) Experiment

An adversary sends RCP packets to target ports.

2) Experiment

An adversary uses the response from the target to determine which, if any, RPC service is running on that port. Responses will vary based on which RPC service is running.

Vereisten

RPC scanning requires no special privileges when it is performed via a native system utility.

Vereiste middelen

The ability to craft custom RPC datagrams for use during network reconnaissance via native OS utilities or a port scanning tool. By tailoring the bytes injected one can scan for specific RPC-registered services. Depending upon the method used it may be necessary to sniff the network in order to see the response.

Mitigaties

Typically, an IDS/IPS system is very effective against this type of attack.

Gerelateerde zwakheden

CWE-ID Zwakheidsnaam

CWE-200

 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Referenties

REF-33

Hacking Exposed: Network Security Secrets & Solutions
Stuart McClure, Joel Scambray, George Kurtz.

REF-158

RFC768 - User Datagram Protocol
J. Postel.
http://www.faqs.org/rfcs/rfc768.html

REF-34

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Gordon "Fyodor" Lyon.

REF-130

The Art of Port Scanning
Gordon "Fyodor" Lyon.
http://phrack.org/issues/51/11.html

Indiening

Naam Organisatie Datum Releasedatum
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Wijzigingen

Naam Organisatie Datum Opmerking
CAPEC Content Team The MITRE Corporation 2018-07-31 +00:00 Updated Description, Description Summary, References, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations
CAPEC Content Team The MITRE Corporation 2020-12-17 +00:00 Updated Execution_Flow
CAPEC Content Team The MITRE Corporation 2022-02-22 +00:00 Updated Description, Extended_Description
De informatie die op CVE Find wordt gepresenteerd, is afkomstig van verschillende zorgvuldig geselecteerde referentiebronnen. CVE-gegevens worden geleverd door MITRE Corporation en de National Vulnerability Database (NVD). De Known Exploited Vulnerabilities (KEV)-catalogus is afkomstig van de Cybersecurity and Infrastructure Security Agency (CISA), terwijl EPSS-scores afkomstig zijn van FIRST.org. Daarnaast worden gegevens over softwarezwakheden (CWE) en veelvoorkomende aanvalspatronen (CAPEC) bijgehouden door MITRE Corporation, en informatie over hardware- en softwareconfiguraties (CPE) wordt geleverd door de NVD.