CAPEC-65: Sniff Application Code
ID
CAPEC-65
Typical Severity
High
Likelihood Of Attack
Low
Status
Draft
An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.
Weaknesses
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1040 | Network Sniffing |