CAPEC-461
Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
Hoch
Draft
2014-06-23
00h00 +00:00
00h00 +00:00
2022-09-29
00h00 +00:00
00h00 +00:00
Benachrichtigung für ein CAPEC
Bleiben Sie über alle Änderungen zu einem bestimmten CAPEC informiert.
CAPEC-Beschreibungen
An adversary utilizes a hash function extension/padding weakness, to modify the parameters passed to the web service requesting authentication by generating their own call in order to generate a legitimate signature hash (as described in the notes), without knowledge of the secret token sometimes provided by the web service.
CAPEC-Informationen
Ausführungsablauf
1) Explore
[Find a vulnerable web service] The adversary finds a web service that uses a vulnerable authentication scheme, where an authentication token is concatenated with the parameters of a request and then hashed
Technik
- Read application documentation to learn about authentication schemes being used
- Observe web service traffic to look for vulnerable authentication schemes
2) Experiment
[Attempt adding padding to parameters] An adversary tests if they can simply add padding to the parameters of a request such that the request is technically changed, with the hash remaining the same
Technik
- Exploit the hash function extension / padding weakness with only padding to test the weakness
3) Exploit
[Add malicious parameters to request] Add malicious parameters to a captured request in addition to what is already present. Do this by exploiting the padding weakness of the hash function and send the request to the web service so that it believes it is authenticated and acts on the extra parameters.
Technik
- Exploit the hash function extension / padding weakness by adding malicious parameters to a web service request such that it is still deemed authentic
Voraussetzungen
Web services check the signature of the API callsAuthentication tokens / secrets are shared between the server and the legitimate client
The API call signature is generated by concatenating the parameter list with the shared secret and hashing the result.
An iterative hash function like MD5 and SHA1 is used.
An attacker is able to intercept or in some other way gain access to the information passed between the legitimate client and the server in order to retrieve the hash value and length of the original message.
The communication channel between the client and the server is not secured via channel security such as TLS
Erforderliche Kenntnisse
Medium level of cryptography knowledge, specifically how iterative hash functions work. This is needed to select proper padding.Erforderliche Ressourcen
Gegenmaßnahmen
Design: Use a secure message authentication code (MAC) function such as an HMAC-SHA1Verwandte Schwachstellen
| Name der Schwachstelle | |
|---|---|
CWE-328 |
Use of Weak Hash The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack). |
CWE-290 |
Authentication Bypass by Spoofing This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. |
Referenzen
REF-398
Flickr's API Signature Forgery VulnerabilityThai Duong, Juliano Rizzo.
http://netifera.com/research/flickr_api_signature_forgery.pdf
Einreichung
| Name | Organisation | Datum | Veröffentlichungsdatum |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Änderungen
| Name | Organisation | Datum | Kommentar |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Prerequisites, Description Summary | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Example_Instances | |
| CAPEC Content Team | The MITRE Corporation | Updated Execution_Flow | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Extended_Description |
