File System Permissions Weakness (T1044)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • File System Permissions Weakness

Associated Tactics

  • Persistence
  • Privilege Escalation

Persistence (TA0003)

The adversary is trying to maintain their foothold. Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code.

View on ATT&CK

Procedure Examples

Description Source(s)
capec
Kugler, R. (2012, November 20). Mozilla Foundation Security Advisory 2012-98. Retrieved March 10, 2017. Mozilla Firefox Installer DLL Hijack
Kanthak, S. (2015, December 8). Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege. Retrieved March 10, 2017. Seclists Kanthak 7zip Installer