Exploits through misinterpreted UTF-8/16 characters
Hello!
This might be all nonsense, but following exploit came to my mind recently and I want to know what you people think about it.
You often see funny characters when a system (or parts of the system) cannot handle UTF-x characters (or just cannot handle certain character encodings). What would happen, if someone crafts a malicious user input with characters that pass your input sanitation, but get interpreted as some bad character (e.g. for UTF8 aware thing, the character is good, but a non-UTF8-MySQL interprets the character as quote symbol, or the filesystem interprets it as ../ )?
If I just discovered a new exploitation type, can I name it? Have I just never heard about it? Or am I just hung over and this kind of exploit wouldn't work anyways?
This might be all nonsense, but following exploit came to my mind recently and I want to know what you people think about it.
You often see funny characters when a system (or parts of the system) cannot handle UTF-x characters (or just cannot handle certain character encodings). What would happen, if someone crafts a malicious user input with characters that pass your input sanitation, but get interpreted as some bad character (e.g. for UTF8 aware thing, the character is good, but a non-UTF8-MySQL interprets the character as quote symbol, or the filesystem interprets it as ../ )?
If I just discovered a new exploitation type, can I name it? Have I just never heard about it? Or am I just hung over and this kind of exploit wouldn't work anyways?
Views: 11
Replies to This Discussion
-
Permalink Reply by Uwe Walter on -
Hi Martin,
I cannot see any chances for such an attack. Most of the characters you need for the creation of any code are in the lower section of the UTF table, where their computed values are equal.
And on the other hand: What a browser shows you, is something complete different from that what the system reads. So, no worries. ;-)
Best Regards
Uwe -
© 2012 Created by Amy Stephen.
