CAPEC-CAPEC-65 - CERT CVE
Naziv

Sniff Application Code

Sažetak An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.
Preduvjeti The attacker must have the ability to place themself in the communication path between the client and server.|The targeted application must receive some application code from the server; for example, dynamic updates, patches, applets or scripts.|The attacker must be able to employ a sniffer on the network without being detected.
Rješenja ['Design: Encrypt all communication between the client and server.', 'Implementation: Use SSL, SSH, SCP.', 'Operation: Use "ifconfig/ipconfig" or other tools to detect the sniffer installed in the network.']