Detections
Analytics
Command and Scripting Interpreter: Unix Shell
Description
Adversaries may abuse Unix shell commands and scripts for execution. Unix shells are the primary command prompt on Linux and macOS systems, though many variations of the Unix shell exist (e.g. sh, bash, zsh, etc.) depending on the specific OS or distribution.[1][2] Unix shells can control every aspect of a system, with certain commands requiring elevated privileges.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Linux machines | SSH Scan | SSH | User List Enumeration | Plugin ID: 95928 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Execution
Technique: Command and Scripting Interpreter
Sub-Technique: Unix Shell
Platform: Linux
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2024 Q1