Edit Threat

Name

Category

Tags (comma-separated)

Description Adversaries may gather credentials from the proc filesystem or /proc. The proc filesystem is a pseudo-filesystem used as an interface to kernel data structures for Linux based systems managing virtual memory. For each process, the /proc//maps file shows how memory is mapped within the process’s virtual address space. And /proc//mem, exposed for debugging purposes, provides access to the process’s virtual address space. When executing with root privileges, adversaries can search these memory loca