Handling complex RE attacks

When it comes to software security, attackers often look for the weakest entry point. In some cases, they may not target the application itself, but rather the dependencies that the software relies on. This attack vector is becoming increasingly prevalent as more and more applications rely on external libraries or components. The weak entry point in this scenario is the lack of protection in the dependencies, as these can be exploited to gain access to the application's inner workings or to bypass its licensing restrictions.

This type of attack can render obfuscation and other licensing procedures irrelevant.

Example

Consider a software program that requires a user to log in through an HTTPS authentication flow. The attacker, who wants to bypass the software licensing checks, observes the flow and knows the responses that the program expects from the server to authenticate. However, the attacker is unable to modify the original application or intercept the connection to the server.

In this scenario, the attacker could target the underlying library that receives the responses from the server and tamper with the library instead of the main program.

The attacker would then be able to fool the program into believing it received a valid authentication response, even if it wasn't actually sent by the server. This would allow the attacker to bypass the authentication flow and gain access to the software without having to provide a valid username and password.

Mitigation
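
One way to detect the tampered library from the example above, shown as an added example that is not from the original page: the protected application records a SHA-256 for each dependency at build time and refuses to continue if a file on disk no longer matches. The file name `httpclient.lib` and the file contents are constructed for the demonstration, and the pinned hashes are assumed to be embedded in the protected application itself.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large libraries are not read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_dependencies(base_dir: Path, pinned: dict[str, str]) -> dict[str, str]:
    """Return {file name: reason} for every dependency that fails the check.

    `pinned` maps a file name to the SHA-256 recorded at build time. It is
    assumed to be embedded in the protected application, not stored next to
    the libraries where it could be edited along with them.
    """
    failures = {}
    for name, expected in pinned.items():
        path = base_dir / name
        if not path.is_file():
            failures[name] = "missing"
        elif sha256_file(path) != expected:
            failures[name] = "hash mismatch"
    return failures


def demo() -> tuple[dict[str, str], dict[str, str]]:
    """Constructed scenario: pin a stand-in library, then tamper with it."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        lib = base / "httpclient.lib"  # hypothetical dependency name
        lib.write_bytes(b"original transport library build")
        pinned = {lib.name: sha256_file(lib)}  # done once, at build time
        before = verify_dependencies(base, pinned)
        # Simulate the replaced library from the example above.
        lib.write_bytes(b"library patched to return a canned auth response")
        after = verify_dependencies(base, pinned)
        return before, after


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean install:", clean or "all dependencies match")
    print("after tampering:", tampered)
```

The check runs before the library is loaded, so a file swapped between the check and the load is not covered by it.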
