Class: Exploit
Exploits are programs that contain data or executable code which take advantage of one or more vulnerabilities in software running on a local or remote computer for clearly malicious purposes. Often, malicious users employ an exploit to penetrate a victim computer in order to subsequently install malicious code (for example, to infect all visitors to a compromised website with a malicious program). Additionally, exploits are commonly used by Net-Worms in order to hack a victim computer without any action being required from the user. Nuker programs are notable among exploits; such programs send specially crafted requests to local or remote computers, causing the system to crash.
Platform: Linux
Linux is a family of UNIX-influenced operating systems based on the Linux kernel and GNU tools.
Family: Exploit.Linux.CVE-2017-7308.a
No family description
Examples
2E31027310BB42F85149FE59715F3184
Tactics and Techniques: Mitre*
Adversaries may inject malicious code into processes via ptrace (process trace) system calls in order to evade process-based defenses as well as possibly elevate privileges. Ptrace system call injection is a method of executing arbitrary code in the address space of a separate live process.
Adversaries may clear system logs to hide evidence of an intrusion. macOS and Linux both keep track of system or user-initiated actions via system logs. The majority of native system logging is stored under the /var/log/ directory. Subfolders in this directory categorize logs by their related functions, such as: (Citation: Linux Logs)
* /var/log/messages: General and system-related messages
* /var/log/secure or /var/log/auth.log: Authentication logs
* /var/log/utmp or /var/log/wtmp: Login records
* /var/log/kern.log: Kernel logs
* /var/log/cron.log: Crond logs
* /var/log/maillog: Mail server logs
* /var/log/httpd/: Web server access and error logs
Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches (dir /a for Windows and ls -a for Linux and macOS).
* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.