Infrastructure as a Service (IaaS) cloud providers such as AWS, GCP, and Azure allow access to instance and virtual machine information via APIs. System Information Discovery combined with information gathered from other forms of discovery and reconnaissance can drive payload development and concealment. Adversaries may also leverage a Network Device CLI on network devices to gather detailed system information (e.g. As an example, adversaries with user-level access can execute the df -aH command to obtain currently mounted disks and associated freely available space. If running with privileged access, a breakdown of system data can be gathered through the systemsetup configuration tool on macOS. Tools such as Systeminfo can be used to gather detailed system information. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.

An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture.
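For defenders, the commands named above (df, systemsetup, Systeminfo) are individually common, so a useful detection correlates them per host and user inside a short time window. The following is an added example, not code from the original page; the event layout, the regexes, the five-minute window, and all host and user names are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Commands named on the page; the matching regexes are assumptions of this example.
PATTERNS = {
    "systeminfo": re.compile(r"(^|[\\/\s])systeminfo(\.exe)?(\s|$)", re.I),
    "df": re.compile(r"(^|[/\s])df(\s|$)"),
    "systemsetup": re.compile(r"(^|[/\s])systemsetup(\s|$)"),
}

# Constructed process-creation events: (ISO timestamp, host, user, command line).
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:00", "mac-01", "alice", "df -aH"),
    ("2024-01-10T09:01:30", "mac-01", "alice", "/usr/sbin/systemsetup -getcomputername"),
    ("2024-01-10T09:30:00", "win-07", "bob", r"C:\Windows\System32\systeminfo.exe"),
    ("2024-01-10T10:00:00", "mac-02", "carol", "df -h"),
    ("2024-01-10T10:02:00", "mac-02", "carol", "ls -la"),
    ("2024-01-10T11:00:00", "mac-02", "carol", "df -h"),
]

def classify(cmdline):
    """Return the discovery command a command line invokes, or None."""
    for name, rx in PATTERNS.items():
        if rx.search(cmdline):
            return name
    return None

def find_bursts(events, window=timedelta(minutes=5), threshold=2):
    """Map (host, user) to the discovery commands seen when at least
    `threshold` matching events fall within `window` of each other."""
    recent = defaultdict(list)   # (host, user) -> [(time, command), ...]
    alerts = {}
    for ts, host, user, cmd in sorted(events):
        name = classify(cmd)
        if name is None:
            continue
        when = datetime.fromisoformat(ts)
        key = (host, user)
        # Drop hits that have aged out of the sliding window.
        recent[key] = [(t, n) for t, n in recent[key] if when - t <= window]
        recent[key].append((when, name))
        if len(recent[key]) >= threshold:
            alerts.setdefault(key, set()).update(n for _, n in recent[key])
    return {k: sorted(v) for k, v in alerts.items()}

if __name__ == "__main__":
    for (host, user), cmds in find_bursts(SAMPLE_EVENTS).items():
        print(f"{host} {user}: {', '.join(cmds)}")
```

A lone `systeminfo` run or two `df` calls an hour apart stay below the threshold; tune the window and threshold against the baseline of administrative activity in the environment.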