CAPEC-461 Detail

CAPEC-461

Name

Web Services API Signature Forgery Leveraging Hash Function Extension Weakness

Typical Severity

High

Status

Draft

Published

2014-06-23
00h00 +00:00

Modified

2022-09-29
00h00 +00:00

Official links

CAPEC Mitre.org

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Notifications manage

List of Notifications

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CAPEC ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions CAPEC

An adversary utilizes a hash function extension/padding weakness, to modify the parameters passed to the web service requesting authentication by generating their own call in order to generate a legitimate signature hash (as described in the notes), without knowledge of the secret token sometimes provided by the web service.

Informations CAPEC

Execution Flow

1) Explore

[Find a vulnerable web service] The adversary finds a web service that uses a vulnerable authentication scheme, where an authentication token is concatenated with the parameters of a request and then hashed

Technique

Read application documentation to learn about authentication schemes being used
Observe web service traffic to look for vulnerable authentication schemes

2) Experiment

[Attempt adding padding to parameters] An adversary tests if they can simply add padding to the parameters of a request such that the request is technically changed, with the hash remaining the same

Technique

Exploit the hash function extension / padding weakness with only padding to test the weakness

3) Exploit

[Add malicious parameters to request] Add malicious parameters to a captured request in addition to what is already present. Do this by exploiting the padding weakness of the hash function and send the request to the web service so that it believes it is authenticated and acts on the extra parameters.

Technique

Exploit the hash function extension / padding weakness by adding malicious parameters to a web service request such that it is still deemed authentic

Prerequisites

Web services check the signature of the API calls
Authentication tokens / secrets are shared between the server and the legitimate client
The API call signature is generated by concatenating the parameter list with the shared secret and hashing the result.
An iterative hash function like MD5 and SHA1 is used.
An attacker is able to intercept or in some other way gain access to the information passed between the legitimate client and the server in order to retrieve the hash value and length of the original message.
The communication channel between the client and the server is not secured via channel security such as TLS

Skills Required

Medium level of cryptography knowledge, specifically how iterative hash functions work. This is needed to select proper padding.

Resources Required

Access to a function to produce a hash (e.g., MD5, SHA1)

Tools that allow the attacker to intercept a message between the client and the server, specifically the hash that is the signature and the length of the original message concatenated with the secret bytes

Mitigations

Design: Use a secure message authentication code (MAC) function such as an HMAC-SHA1

Related Weaknesses

CWE-ID	Weakness Name
CWE-328	Use of Weak Hash The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
CWE-290	Authentication Bypass by Spoofing This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

References

REF-398

Flickr's API Signature Forgery Vulnerability
Thai Duong, Juliano Rizzo.
http://netifera.com/research/flickr_api_signature_forgery.pdf

Submission

Name	Organization	Date	Date release
CAPEC Content Team	The MITRE Corporation	2014-06-23 +00:00

Modifications

Name	Organization	Date	Comment
CAPEC Content Team	The MITRE Corporation	2018-07-31 +00:00	Updated Attack_Prerequisites, Description Summary
CAPEC Content Team	The MITRE Corporation	2020-12-17 +00:00	Updated Description, Example_Instances
CAPEC Content Team	The MITRE Corporation	2021-10-21 +00:00	Updated Execution_Flow
CAPEC Content Team	The MITRE Corporation	2022-09-29 +00:00	Updated Description, Extended_Description

CAPEC-461 Detail

CAPEC-461

Descriptions CAPEC

Informations CAPEC

Execution Flow

Prerequisites

Skills Required

Resources Required

Mitigations

Related Weaknesses

CWE-328

CWE-290

References

REF-398

Submission

Modifications