Capture-Replay

From Guidance Share

Jump to: navigation, search

Contents

Description

A capture-relay protocol flaw exists when it is possible for a malicious user to sniff network traffic and replay it to the server in question to the same effect as the original message (or with minor changes).


Applies To

  • Languages: All
  • Operating platforms: All


Example

Impact

  • Authorization: Messages sent with a capture-relay attack allow access to resources which are not otherwise accessible without proper authentication.


Vulnerabilities

  • Failure to prevent messages from being recieved and parsed more than once.


Countermeasures

  • Design: Utilize some sequence or time stamping functionality along with an encrypted hash or HMAC which takes this into account in order to ensure that messages can be parsed only once.


Vulnerability Patterns


How Tos

Personal tools