Full Disclosure mailing list archives
Re: Info about attack trees
From: coderman <coderman () gmail com>
Date: Sat, 26 May 2012 13:50:36 -0700
On Sat, May 26, 2012 at 1:32 PM, Gage Bystrom <themadichib0d () gmail com> wrote:
If you havnt guessed from the replies, there are no such thing as an attack tree... The classical method is something along the lines of preform recon, enumerate, attack, presist/extract data. You react based upon the information you gather, the more information you have, the clearer it is on to what the next step ought to be.
this concept is more useful in fully automated exploit + post-exploitation systems, where you have an arsenal of exploits of varying stealth, reliability, applicability. the result of exploit preference, exploit chaining, and contingency paths based on real-time feedback results in a tree like structure following the path of least resistance to total compromise. you need to prepare this tree ahead of time as a human in the loop will only slow down the process and increase the risk of counter measures frustrating further attack. a pedant would call them exploit graphs ;) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Info about attack trees Federico De Meo (May 25)
- Re: Info about attack trees Urlan (May 25)
- Re: Info about attack trees Thor (Hammer of God) (May 25)
- Re: Info about attack trees Gage Bystrom (May 26)
- Re: Info about attack trees coderman (May 26)
- Re: Info about attack trees Georgi Guninski (May 28)
- Re: Info about attack trees coderman (May 28)
- Re: Info about attack trees coderman (May 26)
- Re: Info about attack trees Urlan (May 25)
- Re: Info about attack trees Daniel Hadfield (May 27)
- Re: Info about attack trees Peter Dawson (May 28)
- Re: Info about attack trees Gage Bystrom (May 28)
- Re: Info about attack trees Peter Dawson (May 28)
- <Possible follow-ups>
- Fw: Info about attack trees Jerry dePriest (May 28)
- Re: Info about attack trees Defence in Depth (May 29)