Dark Mode
Capec-224 Detail
Fingerprinting
Meta Software Likelihood: High Typical Severity: Very Low
Children: 312 313 541
Threats: T60 T80 T258 T273 T288 T291 T302 T334 T392 T407
An adversary compares output from a target system to known indicators that uniquely identify specific details about the target. Most commonly, fingerprinting is done to determine operating system and application versions. Fingerprinting can be done passively as well as actively. Fingerprinting by itself is not usually detrimental to the target. However, the information gathered through fingerprinting often enables an adversary to discover existing weaknesses in the target.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-224 | capec | https://capec.mitre.org/data/definitions/224.html | |
| CWE-200 | cwe | http://cwe.mitre.org/data/definitions/200.html | |
| 45 | WASC | http://projects.webappsec.org/Fingerprinting | Fingerprinting |
Not present
- A means by which to interact with the target system directly.
- If on a network, the adversary needs a tool capable of viewing network communications at the packet level and with header information, like Mitmproxy, Wireshark, or Fiddler.
| Medium |
|---|
| Some fingerprinting activity requires very specific knowledge of how different operating systems respond to various TCP/IP requests. Application fingerprinting can be as easy as envoking the application with the correct command line argument, or mouse clicking in the appropriate place on the screen. |
| Confidentiality |
|---|
| Read Data |
Not present