CAPEC-465: Transparent Proxy Abuse
Standard
Draft
Severity: Medium
CAPEC Version: 3.9
Last Updated: 2023-01-24
Attack Pattern Description
A transparent proxy serves as an intermediate between the client and the internet at large. It intercepts all requests originating from the client and forwards them to the correct location. The proxy also intercepts all responses to the client and forwards these to the client. All of this is done in a manner transparent to the client.
Prerequisites
- Transparent proxy is used
- Vulnerable configuration of network topology involving the transparent proxy (e.g., no NAT happening between the client and the proxy)
- Execution of malicious Flash or Applet in the victim's browser
Skills Required
Medium
Creating malicious Flash or Applet to open a cross-domain socket connection to a remote system
Mitigations
Design: Ensure that the transparent proxy uses an actual network layer IP address for routing requests. On the transparent proxy, disable the use of routing based on address information in the HTTP Host header.
Configuration: Disable in the browser the execution of JavaScript, Flash, Silverlight, etc.
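The design mitigation above comes down to one routing decision inside the proxy. The following Python model, added here as an illustration and not code from CAPEC or from any proxy product, contrasts a proxy that forwards to whatever the Host header resolves to with one that forwards to the intercepted connection's real network-layer destination, and adds an audit check that flags requests whose Host header disagrees with that destination. The host names, addresses and the resolver table are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class InterceptedRequest:
    """One HTTP request intercepted by a transparent proxy (constructed example)."""
    client_ip: str
    dest_ip: str       # real network-layer destination of the intercepted TCP connection
    dest_port: int
    host_header: str   # Host header as written by whatever runs in the client
    path: str


# Constructed resolver view the proxy would use if it trusted the Host header.
RESOLVED = {
    "www.example.com": "203.0.113.10",
    "intranet.example.internal": "10.0.0.5",
}


def _hostname(host_header):
    """Strip an optional :port suffix from a Host header value."""
    return host_header.rsplit(":", 1)[0] if ":" in host_header else host_header


def route_by_host_header(req):
    """Vulnerable variant: the forwarding target is derived from the Host header,
    so a request sent to one address can be rerouted to any name the sender chooses."""
    target = RESOLVED.get(_hostname(req.host_header))
    return target, req.dest_port


def route_by_destination(req):
    """Hardened variant: forward to the address the client actually connected to;
    the Host header is passed through but never consulted for routing."""
    return req.dest_ip, req.dest_port


def host_matches_destination(req):
    """Audit check: the Host header should resolve to the real destination address."""
    return RESOLVED.get(_hostname(req.host_header)) == req.dest_ip


def audit(requests):
    """Return the requests whose Host header disagrees with the intercepted destination."""
    return [r for r in requests if not host_matches_destination(r)]


# Constructed traffic: the second request carries a Host header that does not
# belong to the address the client connected to.
SAMPLE = [
    InterceptedRequest("192.0.2.7", "203.0.113.10", 80, "www.example.com", "/index.html"),
    InterceptedRequest("192.0.2.7", "203.0.113.10", 80, "intranet.example.internal", "/"),
]

if __name__ == "__main__":
    for r in SAMPLE:
        print("by Host header:", route_by_host_header(r),
              "| by destination:", route_by_destination(r),
              "| mismatch:", not host_matches_destination(r))
```

Running the block shows that the mismatched request would be forwarded to the internal address by the Host-based router, while the destination-based router keeps it on the address the client connected to, and `audit` surfaces it for logging or blocking.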
Taxonomy Mappings
| Taxonomy Name | Entry ID | Entry Name |
|---|---|---|
| ATTACK | 1090.001 | Proxy: Internal Proxy |