| Name |
Read Sensitive Constants Within an Executable |
|
| Likelyhood of attack |
Typical severity |
| High |
Low |
|
| Summary |
An adversary engages in activities to discover any sensitive constants present within the compiled code of an executable.
These constants may include literal ASCII strings within the file itself, or possibly strings hard-coded into particular routines that can be revealed by code refactoring methods including static and dynamic analysis. One specific example of a sensitive string is a hard-coded password. Typical examples of software with hard-coded passwords include server-side executables which may check for a hard-coded password or key during a user's authentication with the server. Hard-coded passwords can also be present in client-side executables which utilize the password or key when connecting to either a remote component, such as a database server, licensing server, or otherwise, or a processes on the same host that expects a key or password. When analyzing an executable the adversary may search for the presence of such strings by analyzing the byte-code of the file itself. Example utilities for revealing strings within a file include 'strings,' 'grep,' or other variants of these programs depending upon the type of operating system used. These programs can be used to dump any ASCII or UNICODE strings contained within a program. Strings can also be searched for using a hex editors by loading the binary or object code file and utilizing native search functions such as regular expressions.
Additionally, sensitive numeric values can occur within an executable. This can be used to discover the location of cryptographic constants. |
| Prerequisites |
Access to a binary or executable such that it can be analyzed by various utilities. |
| Solutions | |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-798 |
Use of Hard-coded Credentials |
|
| Related CAPECS |
|
CAPEC ID
|
Description
|
| CAPEC-167 |
An attacker discovers the structure, function, and composition of a type of computer software through white box analysis techniques. White box techniques involve methods which can be applied to a piece of software when an executable or some other compiled object can be directly subjected to analysis, revealing at least a portion of its machine instructions that can be observed upon execution. |
|
| Taxonomy: ATTACK |
|
Entry ID
|
Entry Name
|
| 1552.001 |
Unsecured Credentials:Credentials in files |
|