CAPEC-633: Token Impersonation
CAPEC Version: 3.9
Last Updated: 2023-01-24
Attack Pattern Description
An adversary exploits a weakness in authentication to create an access token (or equivalent) that impersonates a different entity, and then associates a process/thread to that impersonated token. This action causes a downstream user to make a decision or take action that is based on the assumed identity, and not the response that blocks the adversary.
Prerequisites
- This pattern of attack is only applicable when a downstream user leverages tokens to verify identity, and then takes action based on that identity.
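The prerequisite above is the whole game: the downstream consumer must not act on an identity it has not verified. The following is an added illustration (not CAPEC's or any project's code) using a constructed `payload.signature` token format and a constructed HMAC key; it places a weak consumer that trusts the asserted `sub` claim beside a hardened one that checks signature and expiry, and a test helper that rewrites the claim to show the difference.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo key; a real deployment loads this from a secret store.
KEY = b"demo-signing-key-not-for-production"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(subject: str, ttl: int = 300) -> str:
    """Issuer side: claims are signed with HMAC-SHA256 (constructed format: payload.sig)."""
    payload = _b64(json.dumps({"sub": subject, "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"


def weak_subject(token: str) -> str:
    """Downstream user that trusts the asserted identity without checking integrity.
    This is the weakness CAPEC-633 relies on: whoever holds the token can rewrite 'sub'."""
    payload, _sig = token.split(".", 1)
    return json.loads(_unb64(payload))["sub"]


def verified_subject(token: str, now: Optional[int] = None) -> Optional[str]:
    """Hardened downstream user: act on the identity only if signature and expiry hold."""
    payload, sig = token.split(".", 1)
    expected = hmac.new(KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return None  # tampered or forged token: refuse, and log the rejection upstream
    claims = json.loads(_unb64(payload))
    if claims["exp"] < (now if now is not None else int(time.time())):
        return None  # stale token: refuse
    return claims["sub"]


def tampered_token(token: str, new_subject: str) -> str:
    """Constructed test helper: rewrite 'sub' but keep the original signature,
    so the two consumers above can be compared on the same input."""
    payload, sig = token.split(".", 1)
    claims = json.loads(_unb64(payload))
    claims["sub"] = new_subject
    return f"{_b64(json.dumps(claims).encode())}.{sig}"
```

The weak consumer accepts the rewritten identity while the hardened one returns `None`; it is the hardened path, plus logging of rejected tokens, that removes the prerequisite this pattern depends on.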
Consequences
Scope: Integrity
Technical Impact: Alter Execution Logic
Note: By faking the source of data or services, an adversary can cause a target to make incorrect decisions about how to proceed.
Scope: Integrity
Technical Impact: Gain Privileges
Note: By impersonating identities that have an increased level of access, an adversary gains privileges that they may not otherwise have had.
Scope: Integrity
Technical Impact: Hide Activities
Note: Faking the source of data or services can be used to create a false trail in logs, as the target will associate any actions with the impersonated identity instead of the adversary.
Taxonomy Mappings
| Taxonomy Name | Entry ID | Entry Name |
|---|---|---|
| ATTACK | 1134 | Access Token Manipulation |