Lifting Sensitive Data from the Client
Attack Pattern ID: 167 (Standard Attack Pattern Completeness: Stub)Typical Severity: MediumStatus: Draft
+ Description

Summary

An attacker examines an available client application for the presence of sensitive information. This information may be stored in configuration files, embedded within the application itself, or stored in other ways. Sensitive information may include long-term keys, passwords, credit card or financial information, and other private material that the client uses in its interactions with the server. While servers are (hopefully) protected with professional security administrators, most users may be less skilled at protecting their clients. As a result, the user client may represent a weak link that an attacker can exploit. If an attacker can gain access to a client installation, they may be able to detect and lift sensitive information that could be used directly (such as financial information), or allow the attacker to subvert future communication between the client and the server. In some cases, it may not even be necessary to gain access to another user's installation - if all instances of the client software are embedded with the same sensitive information (for example, long term keys for communication with the server) then the attacker must simply find a way to gain their own copy of the client in order to perform this attack.

+ Attack Prerequisites

The client application installation must retain sensitive information locally. Moreover, it must fail to adequately protect this information against viewing by an attacker. Encrypting the information would thwart this type of attack, but only if the key used to encrypt this information was not itself locally accessible.

+ Resources Required

Depending on the details of the attack, the attacker may require access to a targeted user's installation of the client. Alternatively, the attacker may need to acquire any instance of the client.

+ Related Weaknesses
CWE-IDWeakness NameWeakness Relationship Type
642External Control of Critical State DataTargeted
311Missing Encryption of Sensitive DataTargeted
+ Related Attack Patterns
NatureTypeIDNameDescriptionView(s) this relationship pertains toView\(s\)
ChildOfAttack PatternAttack Pattern22Exploiting Trust in Client (aka Make the Client Invisible) 
Mechanism of Attack (primary)1000
ChildOfAttack PatternAttack Pattern281Analytic Attacks 
Mechanism of Attack (primary)1000
ParentOfAttack PatternAttack Pattern37Lifting Data Embedded in Client Distributions 
Mechanism of Attack (primary)1000