Capture-Replay
From Guidance Share
Jump to navigationJump to search
Description
A capture-relay protocol flaw exists when it is possible for a malicious user to sniff network traffic and replay it to the server in question to the same effect as the original message (or with minor changes).
Applies To
- Languages: All
- Operating platforms: All
Example
Impact
- Authorization: Messages sent with a capture-relay attack allow access to resources which are not otherwise accessible without proper authentication.
Vulnerabilities
- Failure to prevent messages from being recieved and parsed more than once.
Countermeasures
- Design: Utilize some sequence or time stamping functionality along with an encrypted hash or HMAC which takes this into account in order to ensure that messages can be parsed only once.
Vulnerability Patterns