Client-Server Protocol Manipulation
Attack Pattern ID: 220 (Standard Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft
Summary
An attacker takes advantage of weaknesses in the protocol by which a client and server are communicating to perform unexpected actions. Communication protocols are necessary to transfer messages between client and server applications. Moreover, different protocols may be used for different types of interactions. For example, an authentication protocol might be used to establish the identities of the server and client while a separate messaging protocol might be used to exchange data. If there is a weakness in a protocol used by the client and server, an attacker might take advantage of this to perform various types of attacks. For example, if the attacker is able to manipulate an authentication protocol, the attacker may be able to spoof other clients or servers. If the attacker is able to manipulate a messaging protocol, they may be able to read sensitive information or modify message contents. This attack is often made easier by the fact that many clients and servers support multiple protocols to perform similar roles. For example, a server might support several different authentication protocols in order to support a wide range of clients, including legacy clients. Some of the older protocols may have vulnerabilities that allow an attacker to manipulate client-server interactions.
The client and/or server must utilize a protocol that has a weakness allowing attacker manipulation of the interaction.
The attacker must be able to identify the weakness in the utilized protocol and exploit it. This may require a sniffing tool as well as packet creation abilities. The attacker will be aided if they can force the client and/or server to utilize a specific protocol known to contain exploitable weaknesses.
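As an added example (not part of this catalogue entry), the sketch below shows two defensive checks against the forced-protocol case described above: a policy floor that refuses legacy protocols, and a keyed tag over the offer list so that an offer altered in transit is detected. The protocol names, the strength ranking and the shared session key are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed strength ranking; protocol names are illustrative, not from the page.
STRENGTH = {"legacy-plain": 0, "challenge-md5": 1, "scram-sha256": 2}

def select_protocol(offer, supported, floor):
    """Server side: strongest mutually supported protocol at or above the floor."""
    ok = [p for p in offer if p in supported and STRENGTH.get(p, -1) >= floor]
    if not ok:
        raise ValueError("no acceptable protocol offered; refusing to fall back")
    return max(ok, key=STRENGTH.__getitem__)

def transcript_tag(key, offer, chosen):
    """HMAC binding the offer list (as this side saw it) to the chosen protocol."""
    msg = ",".join(offer).encode() + b"|" + chosen.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def negotiate(client_offer, offer_on_wire, supported, floor, key):
    """Run one negotiation; offer_on_wire is what actually reaches the server."""
    try:
        chosen = select_protocol(offer_on_wire, supported, floor)
    except ValueError:
        return "refused"
    server_tag = transcript_tag(key, offer_on_wire, chosen)
    # The client recomputes the tag over the list it really sent.
    client_tag = transcript_tag(key, client_offer, chosen)
    if not hmac.compare_digest(server_tag, client_tag):
        return "downgrade-detected"
    return chosen

if __name__ == "__main__":
    key = b"constructed-session-key"  # assumed to be held by both ends
    offer = ["scram-sha256", "challenge-md5"]
    server = set(STRENGTH)  # server still supports legacy clients
    print(negotiate(offer, offer, server, 1, key))              # untouched offer
    print(negotiate(offer, ["challenge-md5"], server, 1, key))  # offer altered in transit
    print(negotiate(offer, ["challenge-md5"], server, 2, key))  # floor excludes legacy
```

The tag check only helps when the key is established by a mechanism the weaker protocol cannot undermine; the floor is the control that removes the legacy option entirely.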
CWE-ID | Weakness Name | Weakness Relationship Type |
---|---|---|
757 | Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') | Secondary |
Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|
ChildOf | Attack Pattern | 22 | Exploiting Trust in Client (aka Make the Client Invisible) | | Mechanism of Attack (primary) 1000 |
ChildOf | Attack Pattern | 151 | Identity Spoofing (Impersonation) | | Mechanism of Attack (primary) 1000 |
ChildOf | Attack Pattern | 272 | Protocol Manipulation | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 32 | Embedding Scripts in HTTP Query Strings | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 33 | HTTP Request Smuggling | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 34 | HTTP Response Splitting | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 86 | Embedding Script (XSS) in HTTP Headers | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 90 | Reflection Attack in Authentication Protocol | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 105 | HTTP Request Splitting | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 273 | HTTP Response Smuggling | | Mechanism of Attack (primary) 1000 |
ParentOf | Attack Pattern | 274 | HTTP Verb Tampering | | Mechanism of Attack (primary) 1000 |