CAPEC-51

Poison Web Service Registry
HIGH
Draft
2014-06-23 00:00 +00:00
2022-09-29 00:00 +00:00

Description

SOA and Web Services often use a registry to perform lookups and to retrieve schema information and metadata about services. A poisoned registry can redirect the service requester to a malicious service provider (think phishing for servers), provide incorrect information in schema or metadata, and delete information about service provider interfaces.

Information

Execution Flow

1) Explore

[Find a target SOA or Web Service] The adversary must first identify a target SOA or Web Service.

2) Experiment

[Determine desired outcome] Because poisoning a web service registry can have different outcomes, the adversary must decide how they wish to affect the web service.

Technique
  • An adversary can perform a denial of service attack on a web service.
  • An adversary can redirect requests or responses to a malicious service.

3) Experiment

[Determine if a malicious service needs to be created] If the adversary wishes to redirect requests or responses, they will need to create a malicious service to redirect to.

Technique
  • Create a service that requests are sent to in addition to the legitimate service and that simply records the requests.
  • Create a service that will give malicious responses to a service provider.
  • Act as a malicious service provider and respond to requests in an arbitrary way.

4) Exploit

[Poison Web Service Registry] Based on the desired outcome, poison the web service registry. This is done by altering the data at rest in the registry or uploading malicious content by spoofing a service provider.

Technique
  • Intercept and change WS-Addressing headers to route to a malicious service or service provider.
  • Provide incorrect information in schema or metadata to cause a denial of service.
  • Delete information about service provider interfaces to cause a denial of service.

Prerequisites

The attacker must be able to write to resources or redirect access to the service registry.

Skills Required

To identify and execute against an over-privileged system interface

Resources Required

Capability to directly or indirectly modify registry resources

Mitigations

Design: Enforce principle of least privilege
Design: Harden registry server and file access permissions
Implementation: Implement communications to and from the registry using secure protocols
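
As an added example (not part of the CAPEC entry), the following Python check compares current registry contents against a trusted baseline and flags the three poisoning outcomes named in the Description: a redirected endpoint, altered schema or metadata, and a deleted provider interface. The record layout, finding names, and sample values are assumptions constructed for illustration.

```python
import hashlib
from urllib.parse import urlsplit

def digest(schema_text):
    """SHA-256 of a schema document as stored in the registry."""
    return hashlib.sha256(schema_text.encode("utf-8")).hexdigest()

def origin(url):
    """Normalised (scheme, host, port, path) of an endpoint URL."""
    u = urlsplit(url)
    return (u.scheme, u.hostname, u.port, u.path)

def audit_registry(baseline, current):
    """Both arguments map service name -> {"endpoint": url, "schema": text}.
    Returns a sorted list of (service, finding) tuples."""
    findings = []
    for name, good in baseline.items():
        entry = current.get(name)
        if entry is None:
            # Interface record removed: requesters can no longer bind.
            findings.append((name, "DELETED"))
            continue
        if origin(entry["endpoint"]) != origin(good["endpoint"]):
            # Requesters would be sent somewhere other than the approved provider.
            findings.append((name, "ENDPOINT_CHANGED"))
        if urlsplit(entry["endpoint"]).scheme != "https":
            findings.append((name, "INSECURE_TRANSPORT"))
        if digest(entry["schema"]) != digest(good["schema"]):
            findings.append((name, "SCHEMA_CHANGED"))
    for name in current.keys() - baseline.keys():
        # Entry nobody approved, e.g. uploaded by a spoofed provider.
        findings.append((name, "UNAPPROVED_ENTRY"))
    return sorted(findings)

# Constructed sample data (hypothetical services and hosts).
BASELINE = {
    "billing": {"endpoint": "https://billing.internal.example/ws", "schema": "<schema billing v1/>"},
    "orders": {"endpoint": "https://orders.internal.example/ws", "schema": "<schema orders v1/>"},
    "inventory": {"endpoint": "https://inventory.internal.example/ws", "schema": "<schema inventory v1/>"},
}
CURRENT = {
    "billing": {"endpoint": "http://billing.unknown-host.example/ws", "schema": "<schema billing v1/>"},
    "orders": {"endpoint": "https://orders.internal.example/ws", "schema": "<schema orders v1 extra/>"},
    "reports": {"endpoint": "https://reports.internal.example/ws", "schema": "<schema reports v1/>"},
}

if __name__ == "__main__":
    for service, finding in audit_registry(BASELINE, CURRENT):
        print(f"{service}: {finding}")
```

The baseline must be stored and updated outside the registry's own write path; otherwise anyone able to poison the registry can alter the baseline as well.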

Related Weaknesses

CWE-ID Weakness Name
CWE-285 Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-693 Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Submission

Name Organization Date Date Release
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Name Organization Date Comment
CAPEC Content Team The MITRE Corporation 2021-10-21 +00:00 Updated Description, Execution_Flow
CAPEC Content Team The MITRE Corporation 2022-02-22 +00:00 Updated Description, Extended_Description
CAPEC Content Team The MITRE Corporation 2022-09-29 +00:00 Updated Example_Instances