Home > CAPEC List > CAPEC-560: Use of Known Domain Credentials (Version 2.10)  

CAPEC-560: Use of Known Domain Credentials

 
Use of Known Domain Credentials
Definition in a New Window Definition in a New Window
Attack Pattern ID: 560
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary uses stolen credentials (e.g., userid and password) to access systems managed under the same credential framework on a local network. Often, users are allowed to login to connected machines using the same password. Discovery of the password on one machine allows for lateral movement to those machines.

+ References
[R.560.1] ATT&CK Project. "Legitimate Credentials (1078)". MITRE. <https://attack.mitre.org/wiki/Legitimate_Credentials>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team
Modifications
ModifierOrganizationDateCommentsSource
CAPEC Content TeamThe MITRE Corporation2015-12-07Updated ReferencesInternal
More information is available — Please select a different filter.
Page Last Updated or Reviewed: May 01, 2017