CAPEC-200: Removal of filters: Input filters, output filters, data masking

攻击模式描述

An attacker removes or disables filtering mechanisms on the target application. Input filters prevent invalid data from being sent to an application (for example, overly large inputs that might cause a buffer overflow or other malformed inputs that may not be correctly handled by an application). Input filters might also be designed to constrained executable content.

前提条件

• The target application must utilize some sort of filtering mechanism (input, output, or data masking).

所需资源

• None: No specialized resources are required to execute this type of attack.