
CAPEC-150: Collect Data from Common Resource Locations

Abstraction: Standard
Status: Draft
Severity: Medium

Description

An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most, systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource is not known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc directory on Unix systems. Adversaries can take advantage of this to commit other types of attacks.

Related weaknesses · 7

CWE-552, CWE-1239, CWE-1258, CWE-1266, CWE-1272, CWE-1323, CWE-1330

MITRE ATT&CK crosswalk · 6

T1003: OS Credential Dumping
T1119: Automated Collection
T1213: Data from Information Repositories
T1530: Data from Cloud Storage Object
T1555: Credentials from Password Stores
T1602: Data from Configuration Repository

Related attack patterns · 1

CAPEC-116 (ChildOf)

Exploits · 7

Type | Target | ID | Confidence | Tier
Weakness | Remanent Data Readable after Memory Erase | cwe-1330 | 100% | live
Weakness | Improper Zeroization of Hardware Register | cwe-1239 | 100% | live
Weakness | Improper Management of Sensitive Trace Data | cwe-1323 | 100% | live
Weakness | Sensitive Information Uncleared Before Debug/Power State Transition | cwe-1272 | 100% | live
Weakness | Exposure of Sensitive System Information Due to Uncleared Debug Information | cwe-1258 | 100% | live
Weakness | Files or Directories Accessible to External Parties | cwe-552 | 100% | live
Weakness | Improper Scrubbing of Sensitive Data from Decommissioned Device | cwe-1266 | 100% | live

Related to · 6

Type | Target | ID | Confidence | Tier
Technique | Automated Collection | t1119 | 100% | live
Technique | Data from Configuration Repository | t1602 | 100% | live
Technique | Credentials from Password Stores | t1555 | 100% | live
Technique | OS Credential Dumping | t1003 | 100% | live
Technique | Data from Cloud Storage | t1530 | 100% | live
Technique | Data from Information Repositories | t1213 | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Identify Shared Files/Directories on System
CAPEC: Pull Data from System Resources
CAPEC: File Discovery
CAPEC: Collect Data from Registries
CAPEC: Explore for Predictable Temporary File Names
CAPEC: Directory Indexing

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.