AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Registry Manipulation

The attacker can insert a malicious registry value which may corrupt the registry causing denial of service or system ownage

Severity

High

Fix Cost

Low

Trust Level

Low

Windows registry is a database for storing system or application specific configuration information. Editing the registry incorrectly may severely damage the system since the operating system and applications highly depend on it.

Changing the registry through applications, especially web applications, rarely becomes a requirement. However, allowing untrusted sources to manipulate registry keys or values may cause unexpected problems for both the system and the application.

An example code looks like;

                            
using Microsoft.Win32;

RegistryKey key = Registry.CurrentUser.OpenSubKey("Software", true);

key.CreateSubKey("MyAppName");
key = key.OpenSubKey("MyAppName", true);

key.CreateSubKey("UserOption");
key = key.OpenSubKey("UserOption", true);

key.SetValue("option1", userInputOption.Text);
            
            

The code above uses input for string a user-based application setting value. However, for example, other applications which read and process this value can be exposed to severe problems.

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!