Naziv
|
Sniff Application Code
|
Sažetak
|
An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.
|
Preduvjeti
|
The attacker must have the ability to place themself in the communication path between the client and server.|The targeted application must receive some application code from the server; for example, dynamic updates, patches, applets or scripts.|The attacker must be able to employ a sniffer on the network without being detected.
|
Rješenja
|
['Design: Encrypt all communication between the client and server.', 'Implementation: Use SSL, SSH, SCP.', 'Operation: Use "ifconfig/ipconfig" or other tools to detect the sniffer installed in the network.']
|