CAPEC-4: Using Alternative IP Address Encodings

Description
This attack relies on the adversary using unexpected formats for representing IP addresses. Networked applications may expect network location information in a specific format, such as fully qualified domain names (FQDNs), URLs, IP addresses, or IP address ranges. If the location information is not validated against the variety of possible encodings and formats, the adversary can use an alternate format to bypass application access control.
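The validation gap described above, shown as an added example (not part of the CAPEC entry): a text-based deny check next to one that canonicalizes the address before comparing it. The deny list, function names and sample inputs are constructed for illustration. The parser covers IPv4 literals in the classic inet_aton() spellings only, and anything it cannot parse, hostnames included, is denied.

```python
import ipaddress

# Constructed policy for the example: networks the application must not reach.
DENIED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]

def naive_is_denied(host):
    """Weak check: compares the text, so only the dotted-decimal spelling matches."""
    return host.startswith(("127.", "10."))

def _component(text):
    """Parse one dot-separated component as inet_aton() does: 0x = hex, leading 0 = octal."""
    low = text.lower()
    if low.startswith("0x"):
        digits, base = low[2:], 16
    elif len(low) > 1 and low[0] == "0":
        digits, base = low[1:], 8
    else:
        digits, base = low, 10
    if not digits or any(c not in "0123456789abcdef"[:base] for c in digits):
        raise ValueError(f"invalid component {text!r}")
    return int(digits, base)

def canonical_ipv4(host):
    """Map any inet_aton()-style spelling (1 to 4 components) to one IPv4Address."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError("not an IPv4 literal")
    *head, tail = [_component(p) for p in parts]
    # Leading components are single bytes; the last one fills the remaining bytes.
    if any(n > 0xFF for n in head) or tail >= 1 << (8 * (4 - len(head))):
        raise ValueError("component out of range")
    value = tail
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return ipaddress.IPv4Address(value)

def is_denied(host):
    """Hardened check: canonicalize first, compare addresses, fail closed on parse errors."""
    try:
        addr = canonical_ipv4(host)
    except ValueError:
        return True
    return any(addr in net for net in DENIED)

# Constructed spellings of the same loopback address, plus one unrelated address.
SAMPLES = ["127.0.0.1", "2130706433", "0x7f.0.0.1", "0177.0.0.1", "127.1", "192.0.2.10"]
if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:12} naive={naive_is_denied(s)!s:5} hardened={is_denied(s)}")
```

The policy decision should be made on the canonical address, and the same canonical value should be the one passed on to the connection code, so the check and the use cannot disagree.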
Extended Description

RFID (Radio Frequency Identification) devices are passive devices that consist of an integrated circuit for processing RF signals and an antenna. RFID devices are passive in that they lack an on-board power source. The majority of RFID chips operate on either the 13.56 MHz or 135 KHz frequency. The chip is powered when a signal is received by the antenna on the chip, powering the chip long enough to send a reply message. An attacker is able to capture and analyze RFID data by either stimulating the chip to respond or being proximate to the chip when it sends a response to a remote transmitter. This allows the attacker to duplicate the signal and conduct attacks such as gaining unauthorized access to a building or impersonating a user's identification.

Severity: High

Possibility: Medium

Type: Detailed
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

Prerequisites

  • The target software must fail to anticipate all of the possible valid encodings of an IP/web address.
  • The adversary must have the ability to communicate with the server.
Skills required

  • Low: The adversary has only to try IP address format combinations.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Resources required

The adversary needs to have knowledge of an alternative IP address encoding that bypasses the access control policy of an application. Alternatively, the adversary can simply try to brute-force various encoding possibilities.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.