New to CAPEC? Start Here
Home > CAPEC List > CAPEC-113: Interface Manipulation (Version 3.5)  

CAPEC-113: Interface Manipulation

Attack Pattern ID: 113
Abstraction: Meta
Status: Draft
Presentation Filter:
+ Description
An adversary manipulates the use or processing of an interface (e.g. Application Programming Interface (API) or System-on-Chip (SoC)) resulting in an adverse impact upon the security of the system implementing the interface. This can allow the adversary to bypass access control and/or execute functionality not intended by the interface implementation, possibly compromising the system which integrates the interface. Interface manipulation can take on a number of forms including forcing the unexpected use of an interface or the use of an interface in an unintended way.
+ Likelihood Of Attack

Medium

+ Typical Severity

Medium

+ Relationships
Section HelpThis table shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.
NatureTypeIDName
ParentOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.36Using Unpublished Interfaces
ParentOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.121Exploit Non-Production Interfaces
ParentOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.133Try All Common Switches
ParentOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.160Exploit Script-Based APIs
Section HelpThis table shows the views that this attack pattern belongs to and top level categories within that view.
+ Prerequisites
The target system must expose interface functionality in a manner that can be discovered and manipulated by an adversary. This may require reverse engineering the interface or decrypting/de-obfuscating client-server exchanges.
+ Resources Required
The requirements vary depending upon the nature of the interface. For example, application-layer APIs related to the processing of the HTTP protocol may require one or more of the following: an Adversary-In-The-Middle (CAPEC-94) proxy, a web browser, or a programming/scripting language.
+ Example Instances
An adversary may make a request to an application that leverages a non-standard API that is known to incorrectly validate its data and thus it may be manipulated by supplying metacharacters or alternate encodings as input, resulting in any number of injection flaws, including SQL injection, cross-site scripting, or command execution.
API methods not intended for production, such as debugging or testing APIs, may not be disabled when deploying in a production environment. As a result, dangerous functionality can be exposed within the production environment, which an adversary can leverage to execute additional attacks.
SoC components contain insufficient identifiers, which allows an adversary to reset the device at will or read sensitive data from the device.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2015-12-07CAPEC Content TeamThe MITRE Corporation
Updated Attack_Prerequisites, Description Summary, Related_Attack_Patterns
2017-05-01CAPEC Content TeamThe MITRE Corporation
Updated Activation_Zone, Injection_Vector, Payload, Payload_Activation_Impact, Related_Weaknesses, Typical_Likelihood_of_Exploit
2020-12-17CAPEC Content TeamThe MITRE Corporation
Updated @Name, @Status, Description, Example_Instances, Prerequisites, Related_Weaknesses, Resources_Required
2021-06-24CAPEC Content TeamThe MITRE Corporation
Updated Related_Weaknesses, Resources_Required
Previous Entry Names
Change DatePrevious Entry Name
2015-12-07API Abuse/Misuse
2020-12-17API Manipulation
More information is available — Please select a different filter.
Page Last Updated or Reviewed: December 17, 2020