クラス: Exploit
エクスプロイトとは、悪意のある目的のためにローカルコンピュータまたはリモートコンピュータ上で実行されているソフトウェアの1つまたは複数の脆弱性を利用するデータまたは実行可能コードを含むプログラムです。多くの場合、悪意のあるユーザーは、悪意のあるコードをインストールするために(たとえば、悪意のあるプログラムを使用して侵害されたWebサイトにすべての訪問者を感染させるために)被害者のコンピュータに侵入するための攻撃を利用します。さらに、悪意のあるコンピューティングは、ユーザから何も要求されずに被害者のコンピュータをハックするためにNet-Wormsによって一般に使用されます。 Nukerのプログラムは悪用のなかでも注目に値する。そのようなプログラムは特別に細工された要求をローカルまたはリモートのコンピュータに送信し、システムがクラッシュする原因となります。プラットフォーム: JS
JavaScript(JS)は、プロトタイプベースのプログラミング言語です。 JavaScriptは伝統的にインタープリター言語として実装されてきました。最も一般的な使用方法は、Webブラウザにあり、Webページにインタラクティブ機能を追加するためのスクリプティングに使用されます。ファミリー: Exploit.JS.Pdfka
No family descriptionExamples
F8DE5FAAE9DC2C8C0216D5637AC035DDE06C4029AD15A74BC4185690ABA9ACF5
7ADC77B4FA8C1F4A3FBF8740013BECF4
55E7820575DFD97FE69E9947A99F2513
5126013E9F91B2B690F98E100808F242
Tactics and Techniques: Mitre*
TA0007
Discovery
The adversary is trying to figure out your environment.
Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what’s around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what’s around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1082
System Information Discovery
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tools such as Systeminfo can be used to gather detailed system information. If running with privileged access, a breakdown of system data can be gathered through the
Infrastructure as a Service (IaaS) cloud providers such as AWS, GCP, and Azure allow access to instance and virtual machine information via APIs. Successful authenticated API calls can return data such as the operating system platform and status of a particular instance or the model view of a virtual machine.(Citation: Amazon Describe Instance)(Citation: Google Instances Resource)(Citation: Microsoft Virutal Machine API)
Tools such as Systeminfo can be used to gather detailed system information. If running with privileged access, a breakdown of system data can be gathered through the
systemsetup configuration tool on macOS. As an example, adversaries with user-level access can execute the df -aH command to obtain currently mounted disks and associated freely available space. Adversaries may also leverage a Network Device CLI on network devices to gather detailed system information (e.g. show version).(Citation: US-CERT-TA18-106A) System Information Discovery combined with information gathered from other forms of discovery and reconnaissance can drive payload development and concealment.(Citation: OSX.FairyTale)(Citation: 20 macOS Common Tools and Techniques)Infrastructure as a Service (IaaS) cloud providers such as AWS, GCP, and Azure allow access to instance and virtual machine information via APIs. Successful authenticated API calls can return data such as the operating system platform and status of a particular instance or the model view of a virtual machine.(Citation: Amazon Describe Instance)(Citation: Google Instances Resource)(Citation: Microsoft Virutal Machine API)
* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.