Manipulate Application Registry Values
|Attack Pattern ID: 203 (Standard Attack Pattern Completeness: Stub)||Typical Severity: Medium||Status: Draft|
An attacker manipulates the registry values used by an application to perform a variety of possible attacks. Many applications utilize registries to store configuration and service information. As such, attacks that manipulate these registries can affect individual services (affecting billing, authorization, or even allowing for identity spoofing) or the overall configuration of the targeted application. It is important to note that "registry" does not only refer to the Microsoft Windows Registry, but to any registry used by an application. For example, both Java RMI and SOAP use registries to track available services. Changing registry values is sometimes undertaken as part of another attack; for example, a path traversal (inserting relative path modifiers) or buffer overflow (enlarging a registry value beyond an application's ability to store it), but given the long term usage of many registry values, the registry manipulation could be its own end.
|Nature||Type||ID||Name||Description||View(s) this relationship pertains to|
|ChildOf||Attack Pattern||176||Configuration/Environment manipulation|
Mechanism of Attack (primary)1000