Re: Single Stage Attacks?

[dreamwvr <dreamwvr () dreamwvr com>]

snort user wrote:
> Greetings All,
>
> Typically, network based attacks have multiple stages.
> (reconnaissance, infection, download rootkit, call home, further infection etc)
>
> Some attacks may have a single stage (without reconnaissance) to
> compromise a host.
> However, even those attacks have a post-compromise stage, such as call home
> or transfer/steal data or something else.
> Otherwise, what's the motivation for compromising in the first place?
>
> Can someone enlighten me if there are attacks that only have a single stage?
> Examples or scenarios is much appreciated.
>
>
> Thanks
>
>   
Any attack on mail and web systems using their default domainnames
to spray discord would fit the bill IMHO. Take any that does privilege
escalation on mail or webservers coupled with worm tendencies. Then simply
gets the type of daemon and attacks accordingly. Most often it will get
enough information to wreak havoc by the way the daemons responds..
That is all..
Best Regards,
dreamwvr () dreamwvr com
ps - sure you could consider this
       a multi level attack if you want
      too..