CAPEC-207 Removing Important Client Functionality

CAPEC-207 Metadata

Likelihood of Attack

Medium

Typical Severity

High

Overview

Summary

An adversary removes or disables functionality on the client that the server assumes to be present and trustworthy.

Prerequisites

The targeted server must assume the client performs important actions to protect the server or the server functionality. For example, the server may assume the client filters outbound traffic or that the client performs all price calculations correctly. Moreover, the server must fail to detect when these assumptions are violated by a client.

Execution Flow

Step	Phase	Description	Techniques
1	Explore	[Probing] The adversary probes, through brute-forcing, reverse-engineering or other similar means, the functionality on the client that server assumes to be present and trustworthy.	The adversary probes by exploring an application's functionality and its underlying mapping to server-side components. The adversary reverse engineers client-side code to identify the functionality that the server relies on for the proper or secure operation.
2	Experiment	[Determine which functionality to disable or remove] The adversary tries to determine which functionality to disable or remove through reverse-engineering from the list of functionality identified in the Explore phase.	The adversary reverse engineers the client-side code to determine which functionality to disable or remove.
3	Exploit	[Disable or remove the critical functionality from the client code] Once the functionality has been determined, the adversary disables or removes the critical functionality from the client code to perform malicious actions that the server believes are prohibited.	The adversary disables or removes the functionality from the client-side code to perform malicious actions, such as sending of dangerous content (such as scripts) to the server.

Potential Solutions / Mitigations

Design: For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side. Design: Ship client-side application with integrity checks (code signing) when possible. Design: Use obfuscation and other techniques to prevent reverse engineering the client code.

Related Weaknesses (CWE)

CWE ID	Description
CWE-602	Client-Side Enforcement of Server-Side Security

Related CAPECs

CAPEC ID	Description
CAPEC-22	An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.

CAPEC ID

Description

CAPEC-22

An attack of this type exploits vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by communicating directly with the server where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.

Stay Ahead of Attack Patterns

Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.