CAPEC-78: Using Escaped Slashes in Alternate Encoding

This attack targets the use of the backslash in alternate encoding. An adversary can provide a backslash as a leading character and causes a parser to believe that the next character is special. This is called an escape. By using that trick, the adversary tries to exploit alternate ways to encode the same character which leads to filter problems and opens avenues to attack.

High

Typical severity

Per MITRE

High

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-78 (Using Escaped Slashes in Alternate Encoding) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-78: Using Escaped Slashes in Alternate Encoding

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

How to detect it

Examples

Frequently asked questions

What is CAPEC-78?

How does a Using Escaped Slashes in Alternate Encoding attack work?

How do you prevent CAPEC-78?

What weaknesses does CAPEC-78 target?

How severe is CAPEC-78?

References

Defend against CAPEC-78

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

How to detect it

Examples

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-78?

How does a Using Escaped Slashes in Alternate Encoding attack work?

How do you prevent CAPEC-78?

What weaknesses does CAPEC-78 target?

How severe is CAPEC-78?

References

Defend against CAPEC-78