CAPEC attack patterns
615 MITRE CAPEC entries — attack patterns at meta, standard, and detailed abstraction levels. Authored by Adam Lundqvist.
Showing 101–150 of 615 · page 3 of 13
| ID | Title | Summary |
|---|---|---|
| CAPEC-194 | Fake the Source of Data | An adversary takes advantage of improper authentication to provide data or services under a falsified identity. The purpose of using the falsified identity may… |
| CAPEC-195 | Principal Spoof | A Principal Spoof is a form of Identity Spoofing where an adversary pretends to be some other person in an interaction. This is often accomplished by crafting … |
| CAPEC-196 | Session Credential Falsification through Forging | An attacker creates a false but functional session credential in order to gain or usurp access to a service. Session credentials allow users to identify themse… |
| CAPEC-197 | Exponential Data Expansion | An adversary submits data to a target application which contains nested exponential data expansion to produce excessively large output. Many data format langua… |
| CAPEC-198 | XSS Targeting Error Pages | An adversary distributes a link (or possibly some other query structure) with a request to a third party web server that is malformed and also contains a block… |
| CAPEC-199 | XSS Using Alternate Syntax | An adversary uses alternate forms of keywords or commands that result in the same action as the primary form but which may not be caught by filters. For exampl… |
| CAPEC-2 | Inducing Account Lockout | An attacker leverages the security functionality of the system aimed at thwarting potential attacks to launch a denial of service attack against a legitimate s… |
| CAPEC-20 | Encryption Brute Forcing | An attacker, armed with the cipher text and the encryption algorithm used, performs an exhaustive (brute force) search on the key space to determine the key th… |
| CAPEC-200 | Removal of filters: Input filters, output filters, data masking | An attacker removes or disables filtering mechanisms on the target application. Input filters prevent invalid data from being sent to an application (for examp… |
| CAPEC-201 | Serialized Data External Linking | An adversary creates a serialized data file (e.g., XML, YAML, etc.) that contains an external data reference. Because serialized data parsers may not validate… |
| CAPEC-202 | Create Malicious Client | An adversary creates a client application to interface with a target service where the client violates assumptions the service makes about clients. Services th… |
| CAPEC-203 | Manipulate Registry Information | An adversary exploits a weakness in authorization in order to modify content within a registry (e.g., Windows Registry, Mac plist, application registry). Editi… |
| CAPEC-204 | Lifting Sensitive Data Embedded in Cache | An adversary examines a target application's cache, or a browser cache, for sensitive information. Many applications that communicate with remote entities or w… |
| CAPEC-205 | DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin) | This attack pattern has been deprecated as it is a duplicate of CAPEC-37 : Retrieve Embedded Sensitive Data. Please refer to this other pattern going forward. … |
| CAPEC-206 | Signing Malicious Code | The adversary extracts credentials used for code signing from a production environment and then uses these credentials to sign malicious content with the devel… |
| CAPEC-207 | Removing Important Client Functionality | An adversary removes or disables functionality on the client that the server assumes to be present and trustworthy. Metadata: standard CAPEC pattern, status d… |
| CAPEC-208 | Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements | An attacker removes or modifies the logic on a client associated with monetary calculations resulting in incorrect information being sent to the server. A serv… |
| CAPEC-209 | XSS Using MIME Type Mismatch | An adversary creates a file with scripting content but where the specified MIME type of the file is such that scripting is not expected. The adversary tricks t… |
| CAPEC-21 | Exploitation of Trusted Identifiers | Metadata: meta CAPEC pattern, status stable, likelihood high, severity high. Underlying weaknesses: CWE-290, CWE-302, CWE-346, CWE-539, CWE-6 (and 4 more). Map… |
| CAPEC-211 | DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior | This attack pattern has been deprecated as it was deemed not to be a legitimate attack pattern. Metadata: detailed CAPEC pattern, status deprecated. Metadata… |
| CAPEC-212 | Functionality Misuse | An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not alter… |
| CAPEC-213 | DEPRECATED: Directory Traversal | This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-126 : Path Traversal". Please refer to this other CAPEC goin… |
| CAPEC-214 | DEPRECATED: Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping | This attack pattern has been deprecated as it was merged into "CAPEC-215 : Fuzzing for application mapping". Please refer to this other CAPEC going forward. M… |
| CAPEC-215 | Fuzzing for application mapping | An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. Th… |
| CAPEC-216 | Communication Channel Manipulation | An adversary manipulates a setting or parameter on a communications channel in order to compromise its security. This can result in information exposure, inserti… |
| CAPEC-217 | Exploiting Incorrectly Configured SSL/TLS | An adversary takes advantage of incorrectly configured SSL/TLS communications that enables access to data intended to be encrypted. The adversary may also use … |
| CAPEC-218 | Spoofing of UDDI/ebXML Messages | An attacker spoofs a UDDI, ebXML, or similar message in order to impersonate a service provider in an e-business transaction. UDDI, ebXML, and similar standard… |
| CAPEC-219 | XML Routing Detour Attacks | An attacker subverts an intermediate system used to process XML content and forces the intermediate to modify and/or re-route the processing of the content. XM… |
| CAPEC-22 | Exploiting Trust in Client | An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a ser… |
| CAPEC-220 | Client-Server Protocol Manipulation | An adversary takes advantage of weaknesses in the protocol by which a client and server are communicating to perform unexpected actions. Communication protocol… |
| CAPEC-221 | Data Serialization External Entities Blowup | This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replaceme… |
| CAPEC-222 | iFrame Overlay | In an iFrame overlay attack the victim is tricked into unknowingly initiating some action in one system while interacting with the UI from seemingly completely… |
| CAPEC-224 | Fingerprinting | An adversary compares output from a target system to known indicators that uniquely identify specific details about the target. Most commonly, fingerprinting i… |
| CAPEC-226 | Session Credential Falsification through Manipulation | An attacker manipulates an existing credential in order to gain access to a target application. Session credentials allow users to identify themselves to a ser… |
| CAPEC-227 | Sustained Client Engagement | An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as l… |
| CAPEC-228 | DTD Injection | An attacker injects malicious content into an application's DTD in an attempt to produce a negative technical impact. DTDs are used to describe how XML documen… |
| CAPEC-229 | Serialized Data Parameter Blowup | This attack exploits certain serialized data parsers (e.g., XML, YAML, etc.) which manage data in an inefficient manner. The attacker crafts a serialized data… |
| CAPEC-23 | File Content Injection | An adversary poisons files with a malicious payload (targeting the file systems accessible by the target software), which may be passed through by standard cha… |
| CAPEC-230 | Serialized Data with Nested Payloads | Applications often need to transform data in and out of a data format (e.g., XML and YAML) by using a parser. It may be possible for an adversary to inject dat… |
| CAPEC-231 | Oversized Serialized Data Payloads | An adversary injects oversized serialized data payloads into a parser during data processing to produce adverse effects upon the parser such as exhausting syst… |
| CAPEC-233 | Privilege Escalation | An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform. Metada… |
| CAPEC-234 | Hijacking a privileged process | An adversary gains control of a process that is assigned elevated privileges in order to execute arbitrary code with those privileges. Some processes are assig… |
| CAPEC-235 | DEPRECATED: Implementing a callback to system routine (old AWT Queue) | This attack pattern has been deprecated. Please refer to CAPEC:30 - Hijacking a Privileged Thread of Execution. Metadata: detailed CAPEC pattern, status depre… |
| CAPEC-236 | DEPRECATED: Catching exception throw/signal from privileged block | This attack pattern has been deprecated as it did not have enough distinction from CAPEC-30 : Hijacking a Privileged Thread of Execution. Please refer to CAPEC… |
| CAPEC-237 | Escaping a Sandbox by Calling Code in Another Language | The attacker may submit malicious code of another language to obtain access to privileges that were not intentionally exposed by the sandbox, thus escaping the… |
| CAPEC-238 | DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege | This attack pattern has been deprecated as it did not appear to be a valid attack pattern. Metadata: detailed CAPEC pattern, status deprecated. Metadata: det… |
| CAPEC-239 | DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc. | This attack pattern has been deprecated as it did not contain any content and did not serve any useful purpose. Please refer to "CAPEC-207: removing Important … |
| CAPEC-24 | Filter Failure through Buffer Overflow | In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the… |
| CAPEC-240 | Resource Injection | An adversary exploits weaknesses in input validation by manipulating resource identifiers enabling the unintended modification or specification of a resource. … |
| CAPEC-241 | DEPRECATED: Code Injection | This attack pattern has been deprecated as it is a duplicate of the existing attack pattern "CAPEC-242 : Code Injection". Please refer to this other CAPEC goin… |