Credential Harvesting

Dictionary Term


Alternative Forms

Definitions

Definition 1

Credential harvesting designates a class of attacks characterized by the collection of identity attributes and credentials with the objective of compromising their linked identities.

Credential harvesting may be subdivided into two subclasses:

  • Credential harvesting in the reconnaissance phase of an attack where identity attributes such as email addresses or login ids are guessed or collected from available data sources. Often, the confidentiality of these identity attributes cannot be effectively assured but they are not sufficient to exploit the identities.

  • Credential harvesting in preparation for the exploitation phase of an attack where identity attributes or credentials such as passwords or session tokens are collected to enable the compromise of identities.

Example identity attributes or credentials that may be collected as part of credential harvesting are:

  • Certificates

  • Email address

  • Login ID

  • Password

  • Password hash

  • Session token (especially in web cookies or parameters)

Example classes of actors who may engage in credential harvesting:

  • Bots

  • Humans

  • Worms (e.g. Nimda)

Example data sources used to harvest credentials:

  • Configuration files (e.g. plaintext passwords)

  • Documents (e.g. email addresses, login ids, passwords)

  • Email or application services that allow guessing attributes/dictionary attacks

  • In-memory data (e.g. login ids, plaintext passwords, session tokens)

  • People (through social engineering)

  • Phishing websites (e.g. login ids, passwords, second authentication factor)

  • Web sites and forums (e.g. email addresses via web scraping)

Example countermeasures against credential harvesting comprise:

  • Canary identities

  • Disabling credential caching

Sample Sentences

Conceptual Diagram

Related Terms
