This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Custom Special Character Injection"
Weilin Zhong (talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | {{Template: | + | {{Template:Attack}} |
| − | + | ==Description== | |
| − | [[Category: | + | The software does not properly filter or quote special characters or reserved words that are used in a custom or proprietary language or representation that is used by the product. That allows attackers to modify the syntax, content, or commands before they are processed by the end system. |
| + | |||
| + | ==Examples == | ||
| + | |||
| + | '''Example1''' | ||
| + | |||
| + | Simple example is an application, which executes almost everything what is passed to it from current terminal by the user without | ||
| + | sanitazing and blocking user input. If application doesn't implement appropriate signals handling we may interrupt or suspend program | ||
| + | execution by sending respectively ''Ctrl+C (^C)'' or ''Ctrl+Z (^Z)'' combinations. These combinations are sending signals to the application. | ||
| + | In the first case it's ''SIGINT'' and in the second it's ''SIGSTOP'' signal. | ||
| + | |||
| + | '''Example2''' | ||
| + | |||
| + | The classic example, often used by the IRC warriors/bandits, was disconnecting modem users by sending to them a special sequence of | ||
| + | characters. Sending via any protocol (IP) "''+++ATH0''" sequence caused some modems to interpret this sequence as a disconnect command. So | ||
| + | all it had to be done was to send on IRC channel previously mentioned sequence, what in effect forced vulnerable modems to disconnect. | ||
| + | |||
| + | ==Related Threats== | ||
| + | |||
| + | *[[Logical_Attacks]] | ||
| + | |||
| + | ==Related Attacks== | ||
| + | |||
| + | *[[Log_forging]] | ||
| + | |||
| + | ==Related Vulnerabilities== | ||
| + | |||
| + | |||
| + | ==Related Countermeasures== | ||
| + | |||
| + | Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system. | ||
| + | |||
| + | |||
| + | ==Categories== | ||
| + | |||
| + | [[:Category:Resource_Manipulation]] | ||
Revision as of 20:53, 4 November 2007
- This is an Attack. To view all attacks, please see the Attack Category page.
Description
The software does not properly filter or quote special characters or reserved words that are used in a custom or proprietary language or representation that is used by the product. That allows attackers to modify the syntax, content, or commands before they are processed by the end system.
Examples
Example1
Simple example is an application, which executes almost everything what is passed to it from current terminal by the user without sanitazing and blocking user input. If application doesn't implement appropriate signals handling we may interrupt or suspend program execution by sending respectively Ctrl+C (^C) or Ctrl+Z (^Z) combinations. These combinations are sending signals to the application. In the first case it's SIGINT and in the second it's SIGSTOP signal.
Example2
The classic example, often used by the IRC warriors/bandits, was disconnecting modem users by sending to them a special sequence of characters. Sending via any protocol (IP) "+++ATH0" sequence caused some modems to interpret this sequence as a disconnect command. So all it had to be done was to send on IRC channel previously mentioned sequence, what in effect forced vulnerable modems to disconnect.
Related Threats
Related Attacks
Related Vulnerabilities
Related Countermeasures
Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.
