CAPEC-51: Poison Web Service Registry
CAPEC Version: 3.9
Last updated: 2023-01-24
Attack Pattern Description
SOA and Web Services often use a registry to perform look up, get schema information, and metadata about services. A poisoned registry can redirect (think phishing for servers) the service requester to a malicious service provider, provide incorrect information in schema or metadata, and delete information about service provider interfaces.
Execution Flow
Step 1: Explore
[Find a target SOA or Web Service] The adversary must first identify a target SOA or Web Service.
Step 2: Experiment
[Determine desired outcome] Because poisoning a web service registry can have different outcomes, the adversary must decide how they wish to affect the web service.
- An adversary can perform a denial of service attack on a web service.
- An adversary can redirect requests or responses to a malicious service.
Step 3: Experiment
[Determine if a malicious service needs to be created] If the adversary wishes to redirect requests or responses, they will need to create a malicious service to redirect to.
- Create a service that requests are sent to in addition to the legitimate service, and simply record the requests.
- Create a service that will give malicious responses to a service provider.
- Act as a malicious service provider and respond to requests in an arbitrary way.
Step 4: Exploit
[Poison Web Service Registry] Based on the desired outcome, poison the web service registry. This is done by altering the data at rest in the registry or uploading malicious content by spoofing a service provider.
- Intercept and change WS-Addressing headers to route to a malicious service or service provider.
- Provide incorrect information in schema or metadata to cause a denial of service.
- Delete information about service provider interfaces to cause a denial of service.
Prerequisites
- The attacker must be able to write to resources or redirect access to the service registry.
Skills Required
Resources Required
- Capability to directly or indirectly modify registry resources
Consequences
Scope: Confidentiality, Integrity, Availability
Technical Impact: Execute Unauthorized Commands
Note: Run Arbitrary Code
Scope: Confidentiality
Technical Impact: Read Data
Scope: Integrity
Technical Impact: Modify Data
Mitigations
Design: Enforce principle of least privilege
Design: Harden registry server and file access permissions
Implementation: Implement communications to and from the registry using secure protocols
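The two poisoning techniques named in the Exploit step (rewriting a registry entry at rest so it points at an attacker-controlled endpoint, and rewriting WS-Addressing headers so replies are routed elsewhere) can both be caught on the consumer side before a request is sent. The following Python block is an added example, not part of the CAPEC entry: it assumes a hypothetical JSON registry record signed with an HMAC key shared between publisher and consumers, a hypothetical allowlist of endpoint hosts, and constructed sample data. It checks a registry record's signature, TLS scheme and host, and inspects a SOAP envelope's wsa:To, wsa:ReplyTo and wsa:FaultTo headers for redirection to a host outside the allowlist.

```python
"""Consumer-side checks for poisoned web-service registry entries and
WS-Addressing redirection. Added example; the record format, the HMAC
signing scheme, the allowlist and the sample data are all assumptions."""
import hashlib
import hmac
import json
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

WSA_NS = "http://www.w3.org/2005/08/addressing"
SOAP_NS = "http://www.w3.org/2003/05/soap-envelope"

# Hypothetical allowlist of hosts that may serve registered endpoints.
TRUSTED_HOSTS = {"orders.example.com", "inventory.example.com"}

# Hypothetical key shared between the registry publisher and consumers.
REGISTRY_KEY = b"example-registry-signing-key"


def sign_entry(entry: dict, key: bytes = REGISTRY_KEY) -> str:
    """HMAC-SHA256 over the canonical JSON form of a registry entry."""
    canonical = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def check_registry_entry(record: dict, key: bytes = REGISTRY_KEY) -> list:
    """Return the problems found in a registry record (empty list = accept)."""
    problems = []
    entry, sig = record.get("entry", {}), record.get("sig", "")
    # A record altered at rest or uploaded by a spoofed provider fails the MAC.
    if not hmac.compare_digest(sign_entry(entry, key), sig):
        problems.append("signature mismatch: entry modified at rest or spoofed")
    for field in ("endpoint", "wsdl"):
        url = entry.get(field)
        if not url:
            problems.append(f"missing {field}")
            continue
        parsed = urlparse(url)
        if parsed.scheme != "https":
            problems.append(f"{field} not served over TLS: {url}")
        if parsed.hostname not in TRUSTED_HOSTS:
            problems.append(f"{field} points outside allowlist: {parsed.hostname}")
    return problems


def check_wsa_headers(envelope: str) -> list:
    """Flag WS-Addressing headers that route a message to an untrusted host."""
    problems = []
    header = ET.fromstring(envelope).find(f"{{{SOAP_NS}}}Header")
    if header is None:
        return problems
    for name in ("To", "ReplyTo", "FaultTo"):
        el = header.find(f"{{{WSA_NS}}}{name}")
        if el is None:
            continue
        # wsa:To carries a bare URI; ReplyTo/FaultTo wrap it in wsa:Address.
        addr = el if name == "To" else el.find(f"{{{WSA_NS}}}Address")
        uri = (addr.text or "").strip() if addr is not None else ""
        if uri == f"{WSA_NS}/anonymous":  # reply on the same connection
            continue
        host = urlparse(uri).hostname
        if host not in TRUSTED_HOSTS:
            problems.append(f"wsa:{name} routes to untrusted host: {host}")
    return problems


# Constructed sample data.
GOOD_ENTRY = {"service": "OrderService",
              "endpoint": "https://orders.example.com/soap",
              "wsdl": "https://orders.example.com/soap?wsdl"}
GOOD_RECORD = {"entry": GOOD_ENTRY, "sig": sign_entry(GOOD_ENTRY)}

# Same signature, but the endpoint was rewritten at rest to an attacker host.
POISONED_RECORD = {"entry": dict(GOOD_ENTRY, endpoint="http://orders.example.net/soap"),
                   "sig": GOOD_RECORD["sig"]}

# Envelope whose wsa:ReplyTo was changed to leak responses to another host.
SAMPLE_ENVELOPE = f"""<s:Envelope xmlns:s="{SOAP_NS}" xmlns:wsa="{WSA_NS}">
  <s:Header>
    <wsa:To>https://orders.example.com/soap</wsa:To>
    <wsa:ReplyTo><wsa:Address>https://orders.example.net/collect</wsa:Address></wsa:ReplyTo>
  </s:Header>
  <s:Body/>
</s:Envelope>"""

if __name__ == "__main__":
    print(check_registry_entry(GOOD_RECORD))
    print(check_registry_entry(POISONED_RECORD))
    print(check_wsa_headers(SAMPLE_ENVELOPE))
```

The signature check is what defeats modification of data at rest: a registry hardened only by file permissions still depends on every administrator and every process with write access, whereas a consumer that verifies a MAC or signature over each entry rejects a rewritten endpoint regardless of how the write happened. The header check matters because WS-Addressing lets the message itself name where replies and faults go, so a poisoned registry or an in-path attacker can exfiltrate responses without touching the endpoint URL at all.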