Format String Injection
Attack Pattern ID: 135 (Standard Attack Pattern Completeness: Stub)
Typical Severity: High
Status: Draft
+ Description

Summary

An attacker includes formatting characters in a string input field on the target application. Most applications assume that users will provide static text and may respond unpredictably to the presence of formatting characters. For example, in certain functions of the C programming language such as printf, the formatting character %s will print the contents of a memory location, expecting this location to identify a string. An attacker can use this to read or write to memory locations or files, or simply to manipulate the value of the resulting text in unexpected ways. Reading or writing memory may result in program crashes, and writing memory could result in the execution of arbitrary code if the attacker can write to the program stack.

+ Attack Prerequisites

The target application must accept a string as user input, fail to sanitize string formatting characters in the user input, and process this string using functions that interpret string formatting characters.
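The prerequisites above, seen from the defender's side, as an added example that is not part of the original pattern entry: the input is passed only as an argument to a constant format, and a separate check counts printf-style directives in untrusted input. The function names render_safe and count_directives and the sample strings are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable form, shown only as a comment so it is never executed:
 *     snprintf(out, n, user);    // user input becomes the format string
 */

/* Hardened form: the format is a constant and the input is only an argument,
 * so any '%' in it is copied as plain text. Returns 0 on success, -1 if the
 * output was truncated or an encoding error occurred. */
int render_safe(char *out, size_t n, const char *user)
{
    int written = snprintf(out, n, "%s", user);
    return (written < 0 || (size_t)written >= n) ? -1 : 0;
}

/* Count printf-style conversion directives in untrusted input, for logging or
 * rejecting suspicious values. "%%" is a literal percent sign, not a directive. */
size_t count_directives(const char *s)
{
    size_t count = 0;
    while (*s) {
        if (*s++ != '%')
            continue;
        if (*s == '%') {   /* escaped percent */
            s++;
            continue;
        }
        count++;           /* '%' followed by anything else, or a trailing '%' */
    }
    return count;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the page. */
    const char *samples[] = { "alice", "100%% sure", "%s%n", "id=%08x" };
    char buf[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (render_safe(buf, sizeof buf, samples[i]) == 0)
            printf("%zu directive(s): %s\n", count_directives(samples[i]), buf);
    }
    return 0;
}
```

The directive count is a detection aid only; the constant format string in render_safe is what removes the prerequisite.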

+ Resources Required

No special resources are required beyond the ability to provide string input to the target.

+ Related Attack Patterns
Nature: ChildOf
Type: Category
ID: 152
Name: Injection (Injecting Control Plane content through the Data Plane)
View(s) this relationship pertains to: Mechanism of Attack (primary) 1000