Skip to content

Latest commit

 

History

History
87 lines (77 loc) · 5.42 KB

attack-tree.md

File metadata and controls

87 lines (77 loc) · 5.42 KB

Attack Tree Analysis for realm/realm-java

Objective: To gain unauthorized access to, modify, or delete data stored within the Realm database used by the application, or to cause a denial-of-service (DoS) condition specific to the Realm database.

Attack Tree Visualization

                                 Compromise Realm Data/DoS
                                            |
      -------------------------------------------------------------------------
      |											|
  1. Unauthorized Data Access 3. Realm-Specific DoS | |

| | | | 1.1 Weak Realm 1.2 Bypassing 3.1 Resource Exhaustion Encryption Authentication (Realm-Specific) /Key Mgmt. Mechanisms | | --------------- --------------- --------------- | | | | | 3.1.1 1.1.1 1.1.2 1.2.1 1.2.2 Excessive Hardcoded Object Encryption Custom Creation Key [CRITICAL] Auth Logic (Many Objects, Large Objects)

Attack Tree Path: [HIGH-RISK] Path: 1 -> 1.1 -> 1.1.1 (Hardcoded Encryption Key)

  • Description: The attacker gains unauthorized access to the Realm database by extracting a hardcoded encryption key from the application's code or resources.
    • Steps:
      1. Obtain the application's installation package (e.g., APK for Android, IPA for iOS).
      2. Use reverse engineering tools (e.g., apktool, dex2jar, jd-gui, Hopper Disassembler, IDA Pro) to decompile the application and examine its code and resources.
      3. Search for string literals or variables that might represent the encryption key (e.g., a 64-byte hexadecimal string).
      4. Once the key is found, use it to decrypt the Realm file.
    • Likelihood: Medium
    • Impact: Very High (Complete data compromise)
    • Effort: Very Low
    • Skill Level: Intermediate
    • Detection Difficulty: Medium
    • Mitigation:
      • Never hardcode encryption keys.
      • Use a secure key management system (KMS) like Android Keystore, iOS Keychain, or a dedicated HSM.
      • Generate keys using a cryptographically secure random number generator (CSPRNG).
      • Store keys outside the application's code.

Attack Tree Path: [HIGH-RISK] Path: 1 -> 1.2 -> 1.2.1 (Exploiting Custom Auth Logic)

  • Description: The attacker bypasses the application's custom authentication logic to gain unauthorized access to the Realm database. This bypasses the need for the encryption key, even if the Realm file is encrypted.
    • Steps:
      1. Identify the authentication mechanism used by the application (e.g., username/password, OAuth, custom token).
      2. Analyze the authentication flow and identify potential vulnerabilities (e.g., weak password validation, improper session management, SQL injection in a backend authentication service, insecure direct object references).
      3. Exploit the identified vulnerability to bypass authentication (e.g., using a SQL injection to create an administrator account, guessing weak passwords, manipulating session tokens).
      4. Access the Realm database without providing valid credentials.
    • Likelihood: Medium
    • Impact: High (Full access to the Realm)
    • Effort: Medium
    • Skill Level: Intermediate
    • Detection Difficulty: Medium
    • Mitigation:
      • Thoroughly review and test any custom authentication logic.
      • Use established authentication libraries or frameworks instead of rolling your own.
      • Implement strong password policies.
      • Use secure session management techniques.
      • Protect against common web vulnerabilities (e.g., SQL injection, XSS, CSRF).
      • Perform penetration testing.

Attack Tree Path: [HIGH-RISK] Path: 3 -> 3.1 -> 3.1.1 (Excessive Object Creation)

  • Description: The attacker causes a denial-of-service (DoS) condition by creating a large number of Realm objects or objects with very large data fields, exhausting the device's storage space or memory.
    • Steps:
      1. Identify the API endpoints or application features that allow creating Realm objects.
      2. Develop a script or tool to repeatedly call these endpoints, creating a large number of objects or objects with excessively large data.
      3. Execute the script to flood the application with requests, consuming resources.
    • Likelihood: Medium
    • Impact: Medium (Denial of service)
    • Effort: Low
    • Skill Level: Intermediate
    • Detection Difficulty: Easy
    • Mitigation:
      • Implement limits on the number and size of objects that can be created by a single user or session.
      • Monitor storage usage and set alerts for unusual activity.
      • Use Realm's pagination features for large datasets.
      • Implement rate limiting on API endpoints that create Realm objects.
      • Validate the size and content of data before storing it in Realm.