Name Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update
Summary Attackers can capture application code bound for an authorized client during a dynamic update and can use it, as-is or through reverse-engineering, to glean sensitive information or exploit the trust relationship between the client and server.
Prerequisites The attacker must be able to employ a sniffer in the path between the server and client without being detected. The targeted application must be configured to periodically check for updates from the server.
Solutions Design: Encrypt all communication between the client and server. Implementation: Use SSL, SSH, SCP. Operation: Use "ifconfig/ipconfig" or other tools to detect the sniffer installed in the network.
Related Weaknesses
CWE ID Description
CWE-311 Missing Encryption of Sensitive Data
Back to Top