Inter-protocol communication

From Wikipedia, the free encyclopedia

Inter-protocol communication^[1] is a security vulnerability in the fundamentals of a network communication protocol. Whilst other protocols are vulnerable, this vulnerability is commonly discussed in the context of the Hypertext Transfer Protocol (HTTP) ^[2]. This attack uses the potential of the two different protocols meaningfully communicating commands and data.

Inter-protocol Exploitation can utilize Inter-protocol communication to establish the preconditions for launching an Inter-protocol exploit. For example, this process could negotiate the initial authentication communication for a vulnerability in password parsing.

Contents 1 Technical Details 2 Preconditions 2.1 Encapsulation 2.2 Error Tolerance 3 References

[edit] Technical Details

The two protocols involved in the vulnerability are termed the carrier and target. The carrier encapsulates the commands and/or data. The target protocol is used for communication to the intended victim service. Inter-protocol communication will be successful if the carrier protocol can encapsulate the commands and/or data sufficiently to meaningfully communicate to the target service.

[edit] Preconditions

Two preconditions need to be met for successful communication across protocols: encapsulation and error tolerance.

[edit] Encapsulation

The carrier protocol must encapsulate the data and commands in a manner that the target protocol can understand. It is highly likely that the resulting data stream with induce parsing errors in the target protocol.

[edit] Error Tolerance

The target protocol be must be sufficiently forgiving of errors. During the Inter-Protocol connection it is likely that a percentage of the communication will be invalid and cause errors. To meet this precondition, the target protocol implementation must continue processing despite these errors.

[edit] References