Execution

avatar
Created by
GiganticAngonoka72710

Cards (10)

  • Execution
    • The adversary is trying to run malicious code embedded in machine learning artifacts or software.
    • Execution consists of techniques that result in adversary-controlled code running on a local or remote system. Techniques that run malicious code are often paired with techniques from all other tactics to achieve broader goals, like exploring a network or stealing data. For example, an adversary might use a remote access tool to run a PowerShell script that does Remote System Discovery.
  • User Execution
    • An adversary may rely upon specific actions by a user in order to gain execution. Users may inadvertently execute unsafe code introduced via ML Supply Chain Compromise. Users may be subjected to social engineering to get them to execute malicious code by, for example, opening a malicious document file or link.
  • User Execution: Unsafe ML Artifacts
    • Adversaries may develop unsafe ML artifacts that when executed have a deleterious effect. The adversary can use this technique to establish persistent access to systems. These models may be introduced via a ML Supply Chain Compromise.
    • Serialization of models is a popular technique for model storage, transfer, and loading. However, this format without proper checking presents an opportunity for code execution.
  • Serialization meaning:
    • The process of changing data into a form that can be stored or sent and put back into its original form later: The transmitter handles the encoding of data and serialization for transmission. 
  • Command and Scripting Interpreter
    • Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell.
  • Command and Scripting Interpreter
    • There are also cross-platform interpreters such as Python, as well as those commonly associated with client applications such as JavaScript and Visual Basic.
  • Command and Scripting Interpreter
    • Adversaries may abuse these technologies in various ways as a means of executing arbitrary commands. Commands and scripts can be embedded in Initial Access payloads delivered to victims as lure documents or as secondary payloads downloaded from an existing C2. Adversaries may also execute commands through interactive terminals/shells, as well as utilize various Remote Services in order to achieve remote Execution.
  • LLM Plugin Compromise
    • Adversaries may use their access to an LLM that is part of a larger system to compromise connected plugins. LLMs are often connected to other services or resources via plugins to increase their capabilities. Plugins may include integrations with other applications, access to public or private data sources, and the ability to execute code.
  • LLM Plugin Compromise
    • This may allow adversaries to execute API calls to integrated applications or plugins, providing the adversary with increased privileges on the system. Adversaries may take advantage of connected data sources to retrieve sensitive information. They may also use an LLM integrated with a command or script interpreter to execute arbitrary instructions.
  • LLM Jailbreak
    • An adversary may use a carefully crafted LLM Prompt Injection designed to place LLM in a state in which it will freely respond to any user input, bypassing any controls, restrictions, or guardrails placed on the LLM. Once successfully jailbroken, the LLM can be used in unintended ways by the adversary.