CAPEC-12: Choosing Message Identifier

Description
This pattern of attack is defined by the selection of messages distributed via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.
Extended Description

This is achieved by exploring the target via ordinary interactions for the purpose of gathering intelligence about the target, or by sending data that is syntactically invalid or non-standard in an attempt to produce a response that contains the desired data. As a result of these interactions, the adversary is able to obtain information from the target that aids the attacker in making inferences about its security, configuration, or potential vulnerabilities. Examplar exchanges with the target may trigger unhandled exceptions or verbose error messages that reveal information like stack traces, configuration information, path information, or database design. This type of attack also includes the manipulation of query strings in a URI to produce invalid SQL queries, or by trying alternative path values in the hope that the server will return useful information.

Severity :

High

Possibility :

High

Type :

Standard
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

CAPEC-21: Exploitation of Trusted Identifiers Exploitation of Trusted Identifiers CAPEC-216: Communication Channel Manipulation Communication Channel Manipulation
Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Information and client-sensitive (and client-specific) data must be present through a distribution channel available to all users.
  • Distribution means must code (through channel, message identifiers, or convention) message destination in a manner visible within the distribution means itself (such as a control channel) or in the messages themselves.
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Low All the adversary needs to discover is the format of the messages on the channel/distribution means and the particular identifier used within the messages.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Resources required

The adversary needs the ability to control source code or application configuration responsible for selecting which message/channel id is absorbed from the public distribution means.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

CWE-201: Insertion of Sensitive Information Into Sent Data

CWE-306: Missing Authentication for Critical Function

Visit http://capec.mitre.org/ for more details.