CAPEC-43: Exploiting Multiple Input Interpretation Layers
An attacker supplies the target software with input data that contains sequences of special characters designed to bypass input validation logic. This exploit relies on the target making multiples passes over the input data and processing a "layer" of special characters with each pass. In this manner, the attacker can disguise input that would otherwise be rejected as invalid by concealing it with layers of special/escape characters that are stripped off by subsequent processing steps. The goal is to first discover cases where the input validation layer executes before one or more parsing layers. That is, user input may go through the following logic in an application: <parser1> --> <input validator> --> <parser2>. In such cases, the attacker will need to provide input that will pass through the input validator, but after passing through parser2, will be converted into something that the input validator was supposed to stop.
Weaknesses
| # ID | Name | Type |
|---|---|---|
| CWE-20 | Improper Input Validation | weakness |
| CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | weakness |
| CWE-77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | weakness |
| CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | weakness |
| CWE-179 | Incorrect Behavior Order: Early Validation | weakness |
| CWE-181 | Incorrect Behavior Order: Validate Before Filter | weakness |
| CWE-183 | Permissive List of Allowed Inputs | weakness |
| CWE-184 | Incomplete List of Disallowed Inputs | weakness |
| CWE-697 | Incorrect Comparison | weakness |
| CWE-707 | Improper Neutralization | weakness |