CAPEC-116 - Excavation

An attacker probes the target in a manner that is designed to solicit information relevant to system security. This is achieved by sending data that is syntactically invalid or non-standard relative to a given service, protocol, or expected-input, or by exploring the target via ordinary interactions for the purpose of gathering intelligence about the target. As a result the attacker is able to obtain information from the target that aids the attacker in making inferences about its security, configuration, or potential vulnerabilities. Some exchanges with the target may trigger unhandled exceptions or verbose error messages. When this happens error messages may reveal information like stack traces, configuration information, path information, or database messages. This type of attack also includes manipulation of query strings in a URI, such as by attempting to produce invalid SQL queries or by trying alternative path values, in the hope that the server will return useful information. This attack differs from Data Interception and other data collection attacks in that the attacker actively queries the target rather than simply watching for the target to reveal information.

Severity

Likelihood

Confidentiality

Integrity

Availability

Verbose error handling routines or components that provide the user feedback related to system or application properties.

A web browser or a client application capable of sending custom protocol messages, such as a MITM Proxy or a fuzzer, or a similar scanner or packet injection tool.